Official Knife Discussion

Type your comment> @decrypto said:

I tried the s** route as well and gave up pretty quickly. Found while it would be nice and stable didn’t need it.

Yeah now I’m reading up on the food making process, I’ve narrowed it down, I think I’m close.

Finally gain root access !!!
All the hints are already given in this forum… But if you are stuck, feel free to PM me, I will help you with pleasure without spoiling…

Rooted!

root@knife # ```

Overall a very _very_ beginner friendly box - which I think is why the ratings are the way they are. Could the foothold have been more difficult? For sure.

## User
I got a little lost in bad habits from prior boxes. Once I reached a dead end I had to go back to the drawing board after which finding the vulnerable piece of the puzzle and your key is not hard at all.

####number one tip is to make sure to consider *all layers* of the attack surface.

## Root
Your nose should pick up a scent after some very very basic enumeration within your user shell. Either manual or automated testing will lead you to something that can be used to your advantage,

Google + documentation reading is your friend here. Think of what will benefit you the most and figure out how to (ab)use it. **Hint: a full TTY is handy here**.

Feel free to P.M. for nudges! GL :)  

Hi all .
I am a noob and this is my first box.

I did nmap and nikto scans, but i am unable to move forward anywhere. Any hint would be helpful.

This is really an easy machine, rooted in around 30 minutes. PM me if anyone need a nudge.

Hi,

is it normal that all ports appear to be filtered on this one? I tried all my firewall bypassing techniques, tried different scanners, still no luck. Quick feedback would be nice! :slight_smile: EDIT: I’m unable to ping the target, but this could simply mean it does not respond to icmp requests, hence firewall.
EDIT2: nevermind, did not notice that I had to change VPN servers to release arena^^

The foothold was so simple that it made me self doubt my skills

Rooted, thanks @XMallory and @c4r50nz for some nudges…foothold is a bit hard but root is straight foward just read the manual and a bit of googling to create the payload

Nice enjoyable box. it should just be all enumeration and reading documentation.

I hacked something that worked enough for me to get root, but I’m sure there’s a more elegant way, but my way worked enough

I ned help to privesc please

Type your comment> @Aquilino said:

I ned help to privesc please

rooted thanks @busshi for help me

We are connected!
id;hostname
uid=0(root) gid=0(root) groups=0(root)
knife

hours trying to privesc, i need help please :neutral:

I’m having slight trouble with getting root. I have identified the vector. I think my syntax is incorrect potentially. I’m using the e**c command is that right? Can someone give me a nudge please

Yeah, I’d love a nudge on priv esc. if someone doesn’t mind. I’ve been trying a lot of commands and variations of commands to abuse the utility. Not sure if I’m 100 ft. or one inch away.

FWIW, initial foothold was kind of “fun.”

Type your comment> @kurogai said:

Need help with root part, i think i missed something, but need help

check what the user can do and read the help option> @maru37 said:

Yeah, I’d love a nudge on priv esc. if someone doesn’t mind. I’ve been trying a lot of commands and variations of commands to abuse the utility. Not sure if I’m 100 ft. or one inch away.

FWIW, initial foothold was kind of “fun.”

you can read the documentation online for more detail and then just use it to execute payload

Done. Nice box - path was straightforward but involved trying some new things. Thanks @MrKN16H !

first time doing it on the release arena and manage to get the user flag and working on root…everything is there for the foothold and user flag. just need some Google-fu here and there

User done…

I’m struggling with root. I think in the right place just struggling to understand the usage/syntax needed with the k**** command. Can anyone nudge any pointers or docs which are useful pls? I assume one of the commands in the help list is what I need to use

I just cannot connect to the machine, I tried different VPNs but still no luck. The machine is always unreachable. Is the machine only for VIP members??

Type your comment> @zvfhxxxxz said:

User done…

I’m struggling with root. I think in the right place just struggling to understand the usage/syntax needed with the k**** command. Can anyone nudge any pointers or docs which are useful pls? I assume one of the commands in the help list is what I need to use

Never mind. I was a fool and didn’t add the flag after the ***** ***c command :slight_smile: