Official Cap Discussion

Rooted, if anyone needs a hint, just let me know!

Anyone got a tip for root?

EDIT: rooted, but i needed help with finding the “capabillities”. Never heard of it. Still a noob i guess…

yeah I have scanned ports using nmap and I also Intercepted using burp to find any malicious URL’s but couldn’t find any clue

Look for something to analyze network traffic. Dont know if this is a spoiler.

First box I’ve done in a long time, frustrated by my own fading knowledge and logic rather than any difficulty! As others have said, all the clues are in here.
Would anyone mind PM-ing me to confirm my way is the intended one? I think it is, but based on some comments I’m not 100% so wanting to make sure I’ve not missed the obvious!

Foothold/user: everything you need is in front of you, remember to count as a machine and not as human!
Root: very classic enumeration (the name of the box gives it away)

Thanks for the box!

rooted :sunglasses:

great box, learned some new CaPaBiLiTiEs from zero.

Fun box, I see a lot of people getting discouraged in the forums. Different boxes can be hard or easy for anyone. Don’t compare yourself to other people. Some easy boxes will seem hard and other hard boxes will seem easy. It all depends on the style of hacking that you use.

Here are a couple hints for the box:


“PCAP we’re on the high seas, lookout for SHARKs”


“I believe you have the CAPABILITIES to root this box, keep an eye out for that big snake!”

Hmmn ok i finally stopped trying to be clever and got root.

I was convinced that the way to root was via polkit because of the timing of the recent disclosure.
Basically this box and the high priority/ critical polkit CVE came out at the same time.

I spent a day trying to get priv. esc. via dbus and polkit before I stepped back and put on my thinking cap.
pun intended.

Easiest box I made I think. Here are some hints :smile:

Foothold : start by zero and look at the file.

Root : You may have some capibilities to do this box.

Pretty easy machine :slight_smile: If you need anything write me up!

User: just think how int numbers work

Root: Enumerate and maybe you will be capable.

I somehow manage to get root with exploiting the specific services but I am still abit confuse on how it works, anyone can PM and explain to me, still very new to this

I really liked initial foothold, it was somewhat different compared to other easy boxes.
Root was very easy, just check how to app works (although I’m not sure why people needed any fancy commands to escalate). PM for hints :smiley:

uid=0(root) gid=0(root) groups=0(root)

nice box, root was easier than user
still dont really get how i was able to get the p**** of the ***
Id love to learn, if someone would like to pm… :slight_smile:

Thanks for the box.

Fun and easy box, perfect for lifting the morale after a long HTB break lol Feel free to DM me for nudges

Fun box.
Got little lost on the user part (forgot how to count as a computer :P)
Thank you @InfoSecJack for creating this good challenge.

All hints are on this forum.


User part: i think the first foothold is the most difficult part but its easy to find, just need to keep your eyes open and stay focus.

Root part: easiest part. Intuitive and with the basics of the privesc you can get it.

Feel free to pm for hint

Guys, sanity check on foothold.
Is it regarding HP Repe spl***ing?

This took me quite a while, but then again I am new to this stuff.

I managed to get root at the end, but I did get the system flag before getting root lol.