Official discussion thread for Perfection. Please do not post any spoilers or big hints.
i can’t able to access the machine and i have connected using vpn and i can see it on dashboard
10.10.16.1 icmp_seq=1 Destination Host Unreachable
Anyone have a foothold ? I have discovered one single possible entrance however can not for the life of me figure out a way to exploit it as I have tried my known methods, anyone got anything so far?
Got user, but stuck on the potatoes.
I am having trouble getting a foothold, any hints anyone can give me?
Anyone able to help with the privilege escalation, I have found some useful information however struggling to use it
can you help me with initial foothold ?
Just rooted ! nice and easy VM
I am facing issue to resolve the ip in /etc/hosts because of which burp is unable to intercept someone tell me what to do
can someone give a little hint to initial foothold
for command injection, try with one of those operators
I have recently found the way to execute commands but still fighting for the user flag.
Such a nice machine!
Foothold: You must calculate 7 times 7 in a new line.
Root: Just read linpeas output carefully and do not use custom scripts (like i did xP) give it to the hashmeow xD with properly generated wordlist instead of rockyou.txt.
Rooted. Great easy box. Learned a couple new techniques. There is enough clues in this thread to you user and root.
PM if need more clues
Rooted, If someone needs help, send me a dm
Rooted. The only thing that helped me is that one of the boxes from previous seasons had similar security flaws.
Feel free to reach out for help.
Rooted.
Fell free to PM for tips
Because if you code wrong revshell won’t work but a simple revshell with urlencode will work.
cool machine. foothold is very simple. what does it feel like you need to do with that input?
what was a letdown was the fact the foothold leads directly to the user flag and consequently root. theres no in between.
anyway, remember to always check your emails.
any nudges just pm. theres enough info on this thread for you to solve it
Rooted. Agree with Aluche’s answer, once you get a foothold on the user it’s relatively trivial to find the root flag.
User:
- SSTI
- Always check what the software is written in! Google is your friend.
Root:
- Check your mail
- Cat wearing a mask.
- Check your sudo permissions as always.
sudo -l
always comes in clutch
I got a flag but it’s showing 1/26 .is there 26 flag ?