Nibbles

@“HeiGou黑狗” said:
Having issues still, got the user.txt. I tried to enumerate and look at cronjobs and permissions for running commands. Am I on the right track looking for commands I can run? I already got a shell out of the box but can't get root or admin access. So with an unprivileged account, is looking at file directories in detail a good approach?

I would say ‘enumerate enumerate enumerate’, but that always pisses me off xD. Try and find a file maybe, which can pop as root? PM for more info.

Spoiler Removed - Arrexel

Oh, I did it, but I’m stuck on getting the root. Any hint?

@Ju577Ry explore the file system, see if you can find anything interesting to run. (PM me if you want less subtlety)

Reading the thread so far, I’ve got the user but am not able to move any further. Tried linuxEnum.sh but it says command not found. It is my first box; any hints where I should be looking? Found personal.zip but dunno what to do with it…

@Megaman said:
Reading the thread so far, I’ve got the user but am not able to move any further. Tried linuxEnum.sh but it says command not found. It is my first box; any hints where I should be looking? Found personal.zip but dunno what to do with it…

LinEnum is a script; you can get it from GitHub: LinEnum/LinEnum.sh at master · rebootuser/LinEnum

If you’ve found a zip file you think is interesting, extract it, look at all the files in there: are they executable, what do they do, what permissions do they have?

My first machine, two questions. First, I got the creds and found the files root.txt and user.txt, but they are empty (0 bytes in size). I uploaded the LinEnum.sh file but I can’t execute it. I think I misunderstood how to get the root… Second: why does my profile show that I didn’t get a user if I cracked the creds? What is the user flag?

@ipbsec said:

@Megaman said:
Reading the thread so far, I’ve got the user but am not able to move any further. Tried linuxEnum.sh but it says command not found. It is my first box; any hints where I should be looking? Found personal.zip but dunno what to do with it…

LinEnum is a script; you can get it from GitHub: LinEnum/LinEnum.sh at master · rebootuser/LinEnum

If you’ve found a zip file you think is interesting, extract it, look at all the files in there: are they executable, what do they do, what permissions do they have?

Thanks for the hint @ipbsec. Just rooted yesterday :slight_smile:

Enumerate more for priv esc. This article from g0tmi1k is awesome, I suggest you read it:
https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/

Cool. Nice work @Megaman

@MrChrisWeinert @dvnv @jc1396
Any luck with the TTY issue when trying sudo?

I feel this is the last thing to get root. But it may be a common fix, as I saw the same issue in Bashed but didn’t end up needing it.

PM me if needed.

Can anyone tell me the priv esc of Nibbles? I got monitor.sh and I don’t know what to do with it. PM if possible with hints.

I got the creds for the login page, however, I am kinda stuck how to pivot from there. Can someone PM some tips?

@antione09 said:
I got the creds for the login page, however, I am kinda stuck how to pivot from there. Can someone PM some tips?

What did you log in to? Maybe that’s exploitable.

Nibbles is easy, forget what you read on the net. The shell is very simple, both user and root. For root you just need to think slightly differently. The sec video is not going to help you to get root, but it’s very similar, just use another type of shell. :wink:

@mercwri said:
I must be missing an obvious reference on the login credentials or something, are they literally spelled out somewhere or is there a clue/reference that should lead you to determine them?

It’s staring you right in the face.

Can anybody tell me what I can do with monitor.sh? I tried my best.

You haven’t tried your best. Think of other ways to do what you’re exactly trying to do.
It’s super simple to root (I wasted a few days nonetheless). Try basic stuff, just do it differently, no outside-the-box thinking either.
Also, I think there is something wrong with this box. I tried the SAME stuff; the first time around it didn’t work, and probably the 15th time I tried, it gave me a different output. All in all I learnt something, so that’s good, but I really hope no one else faces the same lol. On to the next box.

For the life of me, I cannot find the login credentials. I tried all default combinations I could find, used CEWL to create a custom word list, nothing works. I tried all the obvious combinations on the site, but am really stuck. Can someone PM me a hint?

I am just not able to utilize monitor.sh. Tried to display the imp contents but it says permission denied. Also keep on getting these errors:
: unable to resolve host Nibbles: Connection timed out
: no tty present and no askpass program specified

Any pointers?