Official Intuition Discussion

Bro i am struck in this part →

root: Check ur open ports, u will get file check all notes u get, u will have uncompleted password, create a script to finish the ****, then u will have password. check some logs for the user lopez , after that check programs that can sudo with no passwd, reverse the binary, understand json formatting. follow the code, finally add ur command injection skills on the tar file name, then boom u r root

please help me out

i’m stuck too in the 1st run part i try recompile to bypass the auth_check or setuid but nothing work someone have a hint i don’t really understand ‘u will get file check all notes u get, u will have uncompleted password, create a script to finish the ****’

Any one can help me with rooting … can’t get root shell, i did some rev engineering on the binary and crafted a simple json with action set to list … am i missing something? how can i get a root shell?

got it :slight_smile: … i needed to carefully read the code when reverse engineering

Ive tried a couple things for root at this point. Im out of ideas.

My tar file always shows up corrupted with the tar method.

Can anyone send me root tips. I maybe making my tar file wrong or im missing something.

Also what is everyone using for Reversing ? Ghidra fine?

@StuPurp Thanks man, that was very helpful.

@hnathan26 I found what was needed after lots of tries and another hint, but how did you know to look for log files? And more specifically, how did you know to find that one file?

Edit: rooted! Thanks everyone for the hints, I don’t think there’s anything else to add. I’m just not sure if there was a “proper” way to reverse engineer the thing needed for root?

I can’t access to report.comprezzor.htb. is it right…?