Rooted.
I enjoyed, learned some stuff 
Rooted, ctf-y but fun.
Tip for user
- please donāt leave the answer lying around.
Tip for root
- use your keyboard
i continue to struggle with privesc no matter the OSā¦ i got the initial shell relatively easyā¦ but when i comes to building from thereā¦ i always get lost. I use all the enum scripts their is, but i never seem to put things together once inside. Can some1 let me in on their process of attacking boxes, and share their gotoās? please and thank you!
Okay so I found what I need to use to PE to root. Not sure what Iām supposed to do with the c*********.** file. Iāve read about how the NM files are configured but so far canāt come up with anything. A nudge would be appreciated.
so i have an initial shell since morning but i canāt read user.txt. I tried a few things related to ssh but no luck. Any nudge?
Type your comment> @slimz28 said:
Okay so I found what I need to use to PE to root. Not sure what Iām supposed to do with the c*********.** file. Iāve read about how the NM files are configured but so far canāt come up with anything. A nudge would be appreciated.
same boatā¦
okay, so there is something with che***_***. file. but i donāt now how to use that to get priv shell from web shell.
Type your comment> @plusX said:
okay, so there is something with che***_***. file. but i donāt now how to use that to get priv shell from web shell.
Its a file that makes the user know whatās wrong if you look closely
rooted, good linux box, i donāt know why some ppl saying itās CTF-LIKE
Type your comment> @plusX said:
so i have an initial shell since morning but i canāt read user.txt. I tried a few things related to ssh but no luck. Any nudge?
Man, Any hints on how to get this initial shell?
I am following something but looks like a dead end.
@nuxmorpheus01 after your initial enumeration you will find some interesting pages, from there you just have to get your shell onto the server, one of the most trivial ones there is
Pretty straightforward box ! Not CTF-like at all.
PM me if needed
Type your comment> @monkeybeard said:
@nuxmorpheus01 after your initial enumeration you will find some interesting pages, from there you just have to get your shell onto the server, one of the most trivial ones there is
I have found the pages. I tried to use curl to upload my shell. No success.
Maybe the path I am following is correct but I am failling in the execution?
Rooted, BUT:
Got root by simply trying things. Triggered what I wanted, but I dont understand whatās going on in the backstage for that to work. If anyone got root and knows WHY it works this way, pleaze PM!
People are just resetting the box, trolling other peopleās files and abusing root priviledges lol
Itās hard to enum anything when my shell keeps getting killed by other people :Lā¦ Anyways stuck at the initial shell found the user.txt but no permissions. Could use a nudge from someone smart.
Hi all, could anyone help / nudge me a bit with the initial footstep (private message welcome too)?
Iāve got the the point that itās pretty obvious that I need to exploit i**** u***** Iāve just never done it and canāt get it to work (in fact donāt even really know where to begin with it?) Googling didnāt reveal much. thanks
Anyone who could give me a nudge on how to privesc to root? I think Iāve got a general sense of what I need to exploit but even after googling it I still have no clue where to begin with actually exploiting it.
Finally rooted, a couple of interesting steps and not necessarily too CTFāy.
Tip for initial foothold: ābake inā something into something else ?
tip for user: timing
tip for root: play around, see what happens with inputs
rooted!
Foothold:
-Trivial, you learn this in your first boxes
-Find out where to Aim
-Aim
-Go to where you fired
-Shell
User:
Filenames are important
Root:
Just escape the ā ā ā ā
Everything you need to get from Foothold > user > root is always in front of you, no need for enum scripts