Got there in the end after pretty much over complicating everything for root! Keep it simple, back to basics.
root@ubuntu:/root# id
uid=0(root) gid=0(root) groups=0(root)
Got user a while ago. cant seem to break through to root. Trying to decipher cryptic hints on here. If anyone is willing to give a nudge please dm.
I managed to bypass the login page quite easily but i got stuck on the upload file thing i managed to upload only jpg files and i quite seem to not find how to upload a reverse shell , any hints ?
Can someone give me a nudge on root? I guess I found something, but I’m not sure about it.
rooted 
Type your comment> @MrD4v1d said:
I managed to bypass the login page quite easily but i got stuck on the upload file thing i managed to upload only jpg files and i quite seem to not find how to upload a reverse shell , any hints ?
I didnt try the box yet, but the name of the box reminds me smth…
Rooted. Nice simple box. Getting the correct creds took the longest. User - “When the seagulls follow the trawler, it’s because they think sardines will be thrown into the sea”. For root standard scripts will reveal something and take note of file permissions of it.
FOOTHOLD: Pay attention to the format, an image can contain a lot of information.
USER: The first password seems to be useless, don’t use it to for sudo, try to understand what it connects to and how to access the service.
ROOT: Some commands shouldn’t be run in that way, maybe you can customize them?
easy one ,
Hint For User: you can always inject something 
Hint For Root: enum your way in
awesome box, learned some new tricks, thank you to those that nudged me great box
rooted. It’s an excellent box for OSCP learning with decent difficulty.
Root: Just a basic tip. Watching pspy during executing a command is a good way to know what other commands are called.
i got wwwdata, I got some my*** credentials but i dont know what to do with them
Ok i took some notes now so im gonna also give some tips in here:
foothold: It’s very easy. After that think of the machine’s name
user: There are many different programs installed with which you can use with your information to get user.
root: Look if there is something unusual. Spy to find out what it does or look at it’s text to look how it does things.
im on the verge of breaking my computer im stuck.
@BE4VER said:
im on the verge of breaking my computer im stuck.
stuck on image upload all im getting is “What are you trying to do there?” fucking bs
i just gotta calm down and enumerate.
Type your comment> @BE4VER said:
i just gotta calm down and enumerate.
no enumeration needed to upload shell. Focus on the headers
Type your comment> @ciberpapi said:
i got wwwdata, I got some my*** credentials but i dont know what to do with them
Check for alternatives no need to login to u can get what ever u want
stuck on shell upload! pls pm for hints !
Very nice and easy box, root got me digging some rabbit holes. It was good learning experience. The hints here are sufficient, but still happy to help if anyone needs a nudge.