Finally rooted this. What a ride. Willing to PM nudges if needed
This was the hardest “easy” box I’ve come across but not by design.
There were some stability issues as well that made it difficult to get a grip on things. I’m reasonably certain there’s some people who try to brute force things on HTB. Tsk Tsk. That’s not what this site is about.
Looking back I’m not sure why it was so hard. I guess because the attack vectors I’d found did not work as expected and required tweaking. It’s technically not that complicated but was hard to execute for certain reasons.
Foothold was tougher than it should have been but not by design. For some reason the obvious method of getting in didn’t work for me until I made some adjustments. This initially put me off making me think I was barking up the wrong tree.
User. Even after stealing the info I needed to become user I had trouble, again on my end, making it work. Again it seemed like I’d gone wrong somewhere but I needed a little new line char to fix the issue.
Root was a textbook standard beginner type exploit but you need to have your reading glasses on to find it. Tip: enumerate in detail and don’t just look for the easy stuff. It’s right there in the output of your fave enumeration tool.
I must enjoy the pain.