Official Paper Discussion

been staring at the lin**** output for an hour. Crontab doesn’t work. CVE 2021*** doesn’t work due to malformed version number. I’m not seeing any other way to root this…

POC not working either…

I had fun figuring this one out. The initial foothold took a while, but once I saw the first clue , I couldn’t believe I missed it. The process of piecing all the small bits together was a blast. Privilege Escalation was fairly straight forward.

Finally rooted it! Great machine, probably my favorite ever! Respect!

1 Like

Amazing Box :package: pretty easy root but for shell had to do some enumeration. Overall it was fun :fire:

1 Like

Good box. Really took me back to the basic on enumeration.

For root : Plz DM, i am struggling with priv exploit, it creates the user, i can log into it but cant sudo bash ?

Just rooted this machine.

I would consider myself a beginner and found this easy at parts and hard at others. PM if you need any assistance/nudges.

This was a fun box, feel free to DM or reach out on Discord (same name) if you need a nudge.

Fun box, thank you! Should root have been that easy? :thinking: I was able to run the *.** file as soon as I ssh’d into the box with no issues, no enum required?

Paper is a great box, and funny as well (and my first ever…), yet I was brainfu**ed when trying to log as root… :smiley: LOL
PrivEsc - If your session hangs forever when switching users, or you fail to cr**** a **** DM me for tips.

1 Like

I found the flag in *. but now i dont know what to do next . Can somebody give me a hint what to do next

bruh i got the user flag . When i logged into the system via s** the system is only showing me 4 files h***** s**** ur.t and bot restart.sh and nothing else .I explored all the files but no avail.
please help ;-;

hey bro got the user flag and I have no idea what to do next

hello everyone. I got as far as finding what I needed to add to my hosts file and was able to find the additional paths via dirb. I cannot access those paths on the browser (I get 404), but I can wget those paths. Is this expected behavior? any pointers?

Rooted!
Getting a foothold was very entertaining! Big THE OFFICE Fan here!
Hint: Just keep talking, everything is right in front of you, read all the lines! Then you’ll know what to talk about

Root wasn’t much as fun! Had to redo my exploit several times for it to work!
Updated Tools are required !!

DM me for a nudge!

Really need help getting the password out of the one-eyed friend…please DM me

Thanks