Lightweight

I have opened t*****p and listened the 389 port for a while, nothing happened after 10 minutes, am I at right path please?

Yeah I got lucky at one point and gathered hashes. However comma… the hashes I obtained weren’t crackable with the rockyou.txt.

There is an easier way to obtain the hashes without actually listening on the box… I DO NOT know if that’s the right avenue of approach though.

please pm me how to get user

Finally, get root.txt I’m finding the way to get root shell. special thanks @clmtn for hints on user part. Feel free to PM me.

Hi chaps
Am new to this lark, although a seasoned programmer. Spent over a day on this one, guess it’s not a spoiler to say I have some usernames and credentials.
WTF do I do with them? I tried the obvious but just doesn’t get accepted.
Would love a PM if someone wouldn’t mind, I know there’s something massively obvious but I’m out of sanity.
Thanks

@nigs read this post from the start it literally has everything.

Got root. Have to say that I found this box a bit hard due to my lack of knowledge in most of the tools needed…reading this threat I thought root was going to be piece of cake and it turned out quite hard. Harder than user in my opinion. Indeed root is “fun” but without the hints in this thread and google I would not even imagine that that was possible. There is a blog out there with everything you need to get root flag and shell.

In the box currently the way the web page “told me” to do it… Very little experience with ld** and using td* to get the hashes everyone seems to be talking about… I’ve tried running td* with various flags, and have been stuck for quite a while… Anyone willing to point me in the right direction? Been stuck on this for weeks and rooted Fortune in between in the meantime because it was easier than this, lol.

@Farbs said:

In the box currently the way the web page “told me” to do it… Very little experience with ld** and using td* to get the hashes everyone seems to be talking about… I’ve tried running td* with various flags, and have been stuck for quite a while… Anyone willing to point me in the right direction? Been stuck on this for weeks and rooted Fortune in between in the meantime because it was easier than this, lol.

There is something that loads slower than expected every time you open it, is the box trying to tell you something?

Type your comment> @ClaudiuGeorgiu said:

@Farbs said:

In the box currently the way the web page “told me” to do it… Very little experience with ld** and using td* to get the hashes everyone seems to be talking about… I’ve tried running td* with various flags, and have been stuck for quite a while… Anyone willing to point me in the right direction? Been stuck on this for weeks and rooted Fortune in between in the meantime because it was easier than this, lol.

There is something that loads slower than expected every time you open it, is the box trying to tell you something?

Phenomenal hint. Thank you, my friend.

Hi,
I managed to get the root flag by using o******. Still, I don’t really understand why what I did worked. I’d appreciate it if someone could PM me and help me understand.
Thanks

Edit: Nvm, I mixed something up resulting in odd behavior.

Ugh, this L*** mess is driving me up a wall.

Can someone PM on getting root.txt I have all the necessary components, just confused on how to use them! The components are the output of being able to decrypt the b*****.**

hello , any hint in how to use t******p i dont capture nothing on it , can you pm please thank you

Was a good challenge. User was fairly easy, so was root. Learnt a couple things.

User: Play around with everything you have at hand. Unexpected things might be true for this one!

Root: You’re fine as long as you know what you are capable of doing.

PM me if you need a hint :wink:

Having trouble figuring out first user, would anyone mind PMing me with a hint?

ProTip for initial user: Don’t overlook the obvious. If you spend 2 days bashing your face into the keyboard and you’re not gaining creds, TAKE A STEP BACK. I just managed to get user and I cannot believe I (and so many others!) had overlooked something so blatantly obvious!!!

Got root flag thanks to @Layle and the rest from this thread. Learned a two new things that I will for sure keep in my arsenal.

Hi, I think I overlooked something in my tcpdump I have one day to check this and I’m feel so noob, I can not figure out how to get the credentials, I have try several methods and sniff the traffic in eth0 and lhost but with no success can some pm please, thank you

Anyone have recommendations for a wordlist for backup.7z ?