Kotarak privilege escalation need help

I got the tomcat passwd and su to atanas, but can't get root.
I found another ssh port in the box, but how do I log in to it?

run linenum script to find the vuln

@h4x3r said:
run linenum script to find the vuln

so Tetris is a trap ?

@colasoft said:

@h4x3r said:
run linenum script to find the vuln

so Tetris is a trap ?

yep exploit is related to the thing that you use to download anything :wink:

@h4x3r said:

@colasoft said:

@h4x3r said:
run linenum script to find the vuln

so Tetris is a trap ?

yep exploit is related to the thing that you use to download anything :wink:

is root.txt in 10...133?

@WinXx said:

@h4x3r said:

@colasoft said:

@h4x3r said:
run linenum script to find the vuln

so Tetris is a trap ?

yep exploit is related to the thing that you use to download anything :wink:

is root.txt in 10...133?

you are going wrong maybe… exploit it to get a root shell… not root flag

So I can’t get the .wgetrc to trigger. Like, at all. I have the wget hitting me, I see traffic on my FTP server, the file looks like it’s getting uploaded, but for some reason the next request just doesn’t turn into a POST request, and no cron job appears to be written.

Anyone have an idea how I can troubleshoot?

I think the key is to get the .wgetrc to trigger by ROOT, but I can’t find the right way

Having a similar issue with my exploit as well. Any advice via PM for how to fix it so it functions properly would be much appreciated.

I’m pretty stuck on the root privesc too. I know it’s that exploit on the downloader thing, but I can’t make it to trigger…

This machine is almost being retired, can someone PM some nudges? I know that I’m close, but I must be overseeing something…

Ok, I got system on this machine.

Advice for the privesc:
There’s some stuff that’s not related to getting the final hash and seems to be there just to distract you. The things you saw first are the most obvious and the ones you need to dig into. Look at a specific logfile and, with the information you see, think about what could be happening periodically. Then, use that to make your exploit work.

@h4x3r said:

@WinXx said:

@h4x3r said:

@colasoft said:

@h4x3r said:
run linenum script to find the vuln

so Tetris is a trap ?

yep exploit is related to the thing that you use to download anything :wink:

is root.txt in 10...133?

you are going wrong maybe… exploit it to get a root shell… not root flag

the root.txt is in 10...133. -_-||, and the most important thing for most people is "authbind" but not wget-exploit, I think

@WinXx said:

@h4x3r said:

@WinXx said:

@h4x3r said:

@colasoft said:

@h4x3r said:
run linenum script to find the vuln

so Tetris is a trap ?

yep exploit is related to the thing that you use to download anything :wink:

is root.txt in 10...133?

you are going wrong maybe… exploit it to get a root shell… not root flag

the root.txt is in 10...133. -_-||, and the most important thing for most people is "authbind" but not wget-exploit, I think

That’s why you have to use 0.0.0.0 haha!