@s1lv3rst4r said:
Oh dude who posted that qr ?. I thought it was related… Man that calculation
EU VIP 14 ? I did question the math as well !
Anybody able to get a successful ssh connection for t******? Adding my key to the authorized_hosts file doesn’t seem to work…
@Brogramm3r said:
Anybody able to get a successful ssh connection for t******? Adding my key to the authorized_hosts file doesn’t seem to work…
Worked for me without issues. I noticed though, that the authorized_keys often gets overwritten by others (instead of appended). So, maybe you run into a race-condition 
Nice box
My Hints:
User: follow your instincts and the name is the obvious path. Remember when you get into the box, remember the information that you get before.
Root: Is a pretty classic priv esc. When you execute something you could check it with pspy or something similar. This part remember me the OSCP
hahahaha thats good hint hahaha
Rooted !
You can PM for nudges
Nice box to be honest.
For user: you may need to combine more than 1 method.
For root: look carefully for something interesting.
got user ! \o/
now time to root
pm me for any nudge 
Nice Box feel free to reach out if you need help
Great Machine!
So much basics to remember, thanks @Cedgar for the right view, and thank to creator for the challenge…
Hint for root, you can put yourself in the middle to gain access, you just need to see what runs step by step.
i got stuck i did try diffrent payloads and i got few paylods that work with login page but the upload isn’t work i did try double execution and meme but nothing
hey LOL stop resetting the box .No needed
Type your comment> @MariaB said:
hey LOL stop resetting the box .No needed
I’m glad I’m not the only one that’s noticing that.
It’s being reset so often that I ended up automating my way back to the user.
nice and fun machine. rooted. @TRX thank you!
pm for tips, if needed
Rooted!
Was a nice straight forward box.
Tips for root: try r2-ing the weird looking file that you find. Do some googling about the file. Combine both, and you’re bound to find something useful.
PM if you need a nudge.
Nice box overall. Sailed through initial foothold and then user pretty smoothly.
got stuck on root for a little while.
It happens when you overthink very basic stuff and go on a wild goose chase.
my hints:
Initial foothold: pretty famous vulnerability on the start of your journey, use a famous tool to exploit it and make sure to get what you can.
User: back to the first step, have you got everything?
Root: look for juicy file permission with something not coded in the right way, set your guns in the right place, then shoot.
I wasted some time on foothold but made up for it with a quick root
Finally rooted!
It was a cool box, but it really felt like I was fighting the resets majority of the time.
You really don’t need to reset every 15 minutes.
Foothold: A recently retired box did the exact same thing for the foothold.
User: Follow the cred trail.
Root: Linpeas, pspy, and their hints on Page 3: @guanicoe and @Termopan
$./automate.sh
listening on [any] 4444 …
connect to [10.10.15.0] from (UNKNOWN) [10.10.10.185] 43842
listening on [any] 5555 …
connect to [10.10.15.0] from (UNKNOWN) [10.10.10.185] 37246
root@ubuntu:~# id
uid=0(root) gid=0(root) groups=0(root)
Rooted !!
Cool Box ! Kudos to the creator @TRX !
PM for nudges !