Official Delivery Discussion

@WhItE0DeVil said:

is there any tip for privesc

Enumerate. Find a way to access the place which stores things. Dump the useful stuff. Use a custom wordlist to crack. Become root.

Type your comment> @TazWake said:

@WhItE0DeVil said:

is there any tip for privesc

Enumerate. Find a way to access the place which stores things. Dump the useful stuff. Use a custom wordlist to crack. Become root.

y> @TazWake said:

@WhItE0DeVil said:

is there any tip for privesc

Enumerate. Find a way to access the place which stores things. Dump the useful stuff. Use a custom wordlist to crack. Become root.

Your cool man i will try it

i have tried a lot its gone for 3 hrs
network error
vpn connection error
and no files are getting up it just ruined my day :disappointed: : (

I made it today as a first solo root machine - I’m kinda learning :slight_smile:
It was after all a lot of fun and it made me realise how important it is to read EVERYTHING :slight_smile:

delivery ctf
i have got the hash for root its password rule is P***************! right
i have given it in rockyou but it cant crack it
any hint please

Got The Damn Root Its a new experience
and thanks to all who posted hints and helped others

thankyou guys

Great Box! :slight_smile: PM for nudges.

I seem to be stuck at the last step to get root. I have the h*sh and I know the hint but I’m stuck on how to work with h*****t.

:slight_smile:

Nvm, seems like running h*******t with -f solved the issue.

Rooted.
Respect to @ippsec as always.
This box was more of a riddle than a hack in some ways.

Can somebody help me with root?

@GoodUngarbage said:

Can somebody help me with root?

Dump the right things and crack them. Don’t overthink the wordlist.

In mattermost: “This server does not allow open signups. Please speak with your Administrator to receive an invitation”. Its ok?
Solved

@romkasv said:

In mattermost: “This server does not allow open signups. Please speak with your Administrator to receive an invitation”. Its ok?

Yes

Rooted!

The tips in this thread are more than enough to pop a shell and privesc, although I will admit the initial foothold is a little annoying and makes you think in a “different” way than most boxes.

Feel free to P.M. for a nudge :slight_smile:

This machine was a waste of my time. The process to get access to view your ticket simply doesn’t work, until it suddenly logs you in out of nowhere.

@h00psn3k said:

This machine was a waste of my time. The process to get access to view your ticket simply doesn’t work, until it suddenly logs you in out of nowhere.

That might imply someone has attacked at the same time as you. It shouldn’t “log you in out of nowhere”.

Rooted. Unless I followed some unintended way, I don’t see why it’s rated 3.9 in CVE. I was thrown off by an exploit published for the foothold service (albeit wrong version) around the time the machine was released. Otherwise, pretty fun one.

Hey Guys im stuck on user.
I just can’t find a way to log in with the email I got from h*******k…
Can someone please give me a hint?