Spoiler Removed
Finally Rooted The machineā¦ @egotisticalSW nice machine. I got so much headache at the root part, despite doing right things, worked at a time and didnāt work at another. Though learnt new things, nice machine.
One tip for root, make sure you have the right exploitdb page, one works and another doesnt
Have been stuck with root for several hours now, i must be really close but canāt seem to pull it off. Nudges in PM welcome 
hmm, user is really simple, it takes 3 minute, time to root
Thanks to @egotisticalSW for publishing this nice machine
My hint for user and root
- 5 seconds of enumeration and CVE
if this is spoiler, feel free to remove it
Nice easy box.
- User: Enumerate; check for known vulnerabilities
- Root: Enumerate; compare outside/inside āviewā
If you already tried hard and need a hint, write me a PM.
This turned out to be a fun box. Frustrating at times, but Iāve learnt a few new things from this. Root was quite a bit of trial and error for me. As always the box does provide a clue.
Some may find this to be helpful GitHub - tobor88/ReversePowerShell: Functions that can be used to gain Reverse Shells with PowerShell
how do i run the python exploit on victim when python is not installed in it
*if you know what i am talking about
Type your comment> @agpriyansh said:
how do i run the python exploit on victim when python is not installed in it
*if you know what i am talking about
You donāt. How else could you use your code from your attacking machine?
@limelight said:
Type your comment> @agpriyansh said:how do i run the python exploit on victim when python is not installed in it
*if you know what i am talking about
You donāt. How else could you use your code from your attacking machine?
maybe converting py to exe
hi guys
Iāve got user access, found an exe and found a couple of exploits for that exe which relate to the name of the box. so i believe iām on the right track to getting root here.
iāve modified the exploit so that i can run it from my machine, but after running the exe on the box, the box only listens on the required port on the loopback interface (127.0.0.1)
what am i missing please? how do we make this thing listen on its ārealā IP ??
thanks!
can any give me a nudge for root i got user flag
i am really appreciate if you help me
Type your comment> @lightfu said:
hi guys
Iāve got user access, found an exe and found a couple of exploits for that exe which relate to the name of the box. so i believe iām on the right track to getting root here.
iāve modified the exploit so that i can run it from my machine, but after running the exe on the box, the box only listens on the required port on the loopback interface (127.0.0.1)
what am i missing please? how do we make this thing listen on its ārealā IP ??
thanks!
Same situation. Did you figure anything out?
~~Anyone able to DM for a tip? ~~
nevermind, got it.
Just got the User Flag. For root, downloaded the content in Users Do****** Folder. Is the machine name the way to get root? I see a exploit on exploit-db for the file i found Do******.
Hi, Have user. Looking to upgrade shell, however appear to be having what I suspect are AV detection issues. No stderr for further info. Attempting to encode payloads, using veil and shellter, no success yet. Any tips with this, and resources with the latest evasion techniques (now and in the future)?
Spoiler Removed