I DM’d you the exact method. Here in public I’m gonna try to explain without giving too much information.
After getting a user shell, I used peass to scan the machine. In the peass log, there’s a binary you can easily find on GTFOBins. Execute it following GTFOBins method. There it is, you’re root. No need for SSH tunneling or whatsoever.
I saw right now, maybe this box wasn’t cleaned properly, looks like there is still artifacts of the machine creator
Finally get the root just took me four days and a lot of reading. Thank you guys who share some tips here, everythink as you say is straight forward.
After I connect to amay from ssh used burp to escalate priveleges by adjusting payload.
Reconneted and I had root priveleges just called: sudo -l and see that its says that I don’t but when I call straight forward for cat /root/root.txt
I get the root key.
I hope I didn’t spoil that with too much speaking.
Thank you for everyone and the creators see you on the next machine.
Best Regards Al
Hello guys i have got problem with reverse shell. When i sent contact form i have information " failed to submit form. Please try again later." It is normal ??
No, restart machine
After restart still i’ve got the same problem. I don’t know what i am doing wrong … 
Maybe change VPN
It was the first thing i was try but nothing change . Btw i will try today one more time when i come back home
Dont spent time to put it, just call it man its already there
Try sea.htb instead of IP, it was my mistake when making the script.
That has been patched, it is also a very easy route.
Hi there!
i need help on initial foothold, please.
I have found the cve, i have found the python exploit, but my js doesnt work.
I can see the get request to my xss.js, but nothing more.
i think my xss.js is ok..
NVM! It worked!!!
THe exploit is not working literally, I tried all methods…
Hello. Can someone help me on capturing the traffic while doing port forwarding?
The browser keep showing malformed reply from socks server while burp. (anyone facing same issue?)
Local port forwarding is working fine but I cannot intercept the traffic this way.
hello my friend, i am curious to know how other way did you find could you give me a hint (i already resolve the box it s only about curiosity) thank you!!!
Cool machine ! If someone need help, pm me!!
You should try port 80. Try the Metsploit tool.
I have the same problem but something is wrong,
We have to think outside the box.
I have the same problem but something is wrong,
We have to think outside the box.
But can you tell me why is my xss.js file not sending to host??