Bro i am struck in this part →
root: Check ur open ports, u will get file check all notes u get, u will have uncompleted password, create a script to finish the ****, then u will have password. check some logs for the user lopez , after that check programs that can sudo with no passwd, reverse the binary, understand json formatting. follow the code, finally add ur command injection skills on the tar file name, then boom u r root
please help me out
i’m stuck too in the 1st run part i try recompile to bypass the auth_check or setuid but nothing work someone have a hint i don’t really understand ‘u will get file check all notes u get, u will have uncompleted password, create a script to finish the ****’
Any one can help me with rooting … can’t get root shell, i did some rev engineering on the binary and crafted a simple json with action set to list … am i missing something? how can i get a root shell?
got it 
… i needed to carefully read the code when reverse engineering
Ive tried a couple things for root at this point. Im out of ideas.
My tar file always shows up corrupted with the tar method.
Can anyone send me root tips. I maybe making my tar file wrong or im missing something.
Also what is everyone using for Reversing ? Ghidra fine?
@StuPurp Thanks man, that was very helpful.
@hnathan26 I found what was needed after lots of tries and another hint, but how did you know to look for log files? And more specifically, how did you know to find that one file?
Edit: rooted! Thanks everyone for the hints, I don’t think there’s anything else to add. I’m just not sure if there was a “proper” way to reverse engineer the thing needed for root?
Same issue, not able to view my report even after a reset
Another machine I cannot do because it got bugged ffs this is becoming to common.
It is completely useless at the moment, when i upload the report it does not get loaded to the server ( i created account and logged in ) even after multiple resets…do something about all of that. Problems are getting to common and i’m paying for that ffs
They get reset very quickly, use Burp or a script to make your actions quick.
More than enough hints in this thread, but feel free to DM for nudge