Official Mentor Discussion

Official discussion thread for Mentor. Please do not post any spoilers or big hints.

waiting for it:)

1 Like

Any hints :slight_smile:

more than 1 hours enumeration , directories , subdomain …
I didn’t found anything :melting_face:

Something in the UDP spectrum maybe?


There’s at least an interesting piece of information there, but it hasn’t gotten me far yet.

Rooted! Getting user was pretty nice! Path to root was a little stupid though. I don’t understand what the rabbithole was for.

1 Like

can anyone give me a hint on getting foothold?

I have user and just a bit of lateral movement, still looking for path to root. Really nice method to user though, I learned a pretty good number of things.

Can someone hint me towards the first part? I have been enumerating all I could think of for about 5hrs, and so far I haven’t gotten anything. None of the services seem vulnerable and I don’t even have a hint of what to do next.

rooted within 15 H :slight_smile:

ah. making some progress. sometimes rather than enumerate for what is there, you have to enumerate for what is not.

aaaaand that’s root, way simpler that I thought lol. As a wise man once said “Trying to find a complicated exploit is dumb, just look for the easiest way to get to your goal and then find out why that worked”

Don’t feel like figuring out how to edit, but it turns out I used an unintended path the user, so I’m gonna spend some time figuring out how to get it the proper way lol

So after wasted time with a typo in /etc/hosts :face_with_peeking_eye: – no real findings in snmp and now hours sitting on the docs of the bay, I would appreciate a small hint or direction for progress

I don’t know exactly where you are right now.

I also spent a long time with snmp because in my footprint stage I hadn’t found anything else.

I had to go back to footprint, but this time I tried different tools that gave me better results.

It is curious how tools that in principle do the same function can give different results.

If you have already been here, and you have found that “something else”, you are probably looking for the foothold, in that case I would tell you to focus on understanding all the existing functionality, because a part of that functionality does not do the checks it should do, and I am not referring exclusively to injections.

I’m sorry if I can’t be clearer, but at this point, it is very difficult to give a clue without revealing the solution.

1 Like

does the machine works.properly

I would say pretty decent box, however the PE part is kind of disappointing. :confused:
For anyone stuck feel free to drop me a PM.

Any hints for foothold? Barely found anything at all :disappointed:

Search in the most obvious port.