Finally rooted Thanks to @six2dez for correct direction.
Finally rooted this box!
USER: Enumerate every page and every room! Just like in Swagshop, LEARN the tools you’re trying to exploit.
ROOT: Use some tools and enumerate. Google is your friend. Fairly straightforward.
Feel free to PM me for any hints or nudges. I’m happy to help!
Hi all! First post and everything! i wonder if someone is able to point me in the right direction. I have user and am trying to privesc to root. I know the s*********l issue however i cant figure out how to exploit it. Id appreciate a steer if anyone has a spare minute. much appreciated
Can I get a hint on how to escape the p**g command without using the forbidden characters?
any hint from www-*** to per via s**.py?
Type your comment> @salute101 said:
any hint from www-*** to per via s**.py?
Look at what the script does, all its different options and then look at what it does and how you can manipulate it to get it to do what you want.
I can not for the life of me find out what to do with s******.py not really well versed in python any nudges or just subtle tips would be appreciated
My advice to any one struggling with the PY is there is a guide already listed which will help you. DO NOT speed read it. read it properly and you will understand what you need to do
Type your comment> @trentxsweat said:
I can not for the life of me find out what to do with s******.py not really well versed in python any nudges or just subtle tips would be appreciated
Also struggled a bit, all the necessary tips are already in this thread.
rooted . nc machine though.
got root, thanks all for help.
Have a r****** shell for www-data. Do not have permissions to user.txt.
Have stumbled across s******.py but not sure what i need to do next.
PM me
i am quite stuck on the point of the first priv esc… i get a shell as the user i want but the shell dies after a while… any hints how to make it persistent?
PMs are welcome of course.
What a wild ride that was! Absolutely loved it, I feel like I’ve genuinely learnt something from this box.
Many thanks for some of the pointers here, and the creators for producing this.
It looks like I am in need of a pretty in depth description of how to actually exploit s******.p* . This is the first time I have attempted an exploit like this and I am anxious to learn. PM me !
THanks all !
ROOTED
Great box, really liked it.
USER: if you use a tool for enumeration take it to the next level, and not every room is the same.
ROOT: if you enumerate everything it will pop up, just make sure you’ve got a good visual 
@ab3lson said:
Can I get a hint on how to escape the p**g command without using the forbidden characters?
sometimes you can give those characters a call
I cannot figure out what commands are use to by bypass the script to get to user. googled everything in this thread. Nothing is jumping out to me. Please DM me for help. Thanks!
Earlier I was able to use s********y to read user, but now all my commands seem to be running as www-****?