No bruteforcing required.
@tvgdb congratz on the user
@FlameOfIgnis said:
@tvgdb congratz on the user
Thanks
is there anything i can do with the r***t_r*q ? or is it useless?
@salute101 said:
guys dns as Ippsec usually do it then read as you would read your fav web page
No idea what you mean tbh
Vuln nse script against ldap gave me some “doggy” output. I’m researching into this and hope its not a rabbit hole
@Baikuya: i think @salute101 means to edit etc hosts file
@evandrix said:
@Baikuya: i think @salute101 means to edit etc hosts file
I got that but I dont know how this should be helpful in any way on this box.
Anyone advanced from initial shell to give a hint?
@veterano there are 34 people with users yet, i dont think its late enough to ask for hints yet
Got user. Now going to root.
I kinda stuck on priv esc
Spoiler Removed - egre55
Spoiler Removed - egre55
?
PrivEsc is pretty straightforward once you reach the right user, just make sure you don’t go beyond your capabilities
@fjv said:
PrivEsc is pretty straightforward once you reach the right user, just make sure you don’t go beyond your capabilities
thats a great hint, if only i was capable of getting the user first…
Rooted
Capabilites are the way to go
@fjv said:
PrivEsc is pretty straightforward once you reach the right user, just make sure you don’t go beyond your capabilities
Yes. nice box to learn about capabilities.
I learnt that you also need the capability to remember what you find