nest

Spoiler Removed

Try ‘help’ to see how
And more importantly, go to the official thread:
https://forum.hackthebox.eu/discussion/2630/nest/p1
And post your questions there (after reading the pages of course)

for rooting, don’t use netcat to connect to the higher port but use telnet…
I don’t understand why…

@azasdf74M said:
for rooting, don’t use netcat to connect to the higher port but use telnet…
I don’t understand why…

Because the service expects CrLf line endings. I think you can tell netcat to do that (I know you can with Putty)

@VBscrub,
Thanks for the clarification and thanks for the box.
I was able to found the crack of the user’s password (c.XXXXh) in the net. But I’m still intresting to know where are the XXXX.VX files which could be used for the crack , in fact I enumerate SXX server with user TXXXXXXX and C.XXXXH and no VX file found

The files are on SMB but hidden a little. You need to read all of the files you currently have access to and one of them gives a hint where to look
@azasdf74M