I was able to access the system as a user, any hint to elevate privileges?
Iām having problems with ssh where the id_rsa doesnāt match. It is clearly the correct one. Iām using nano. This box is taking 12 hours for me to finish, Iām running out of time. Any clues are appreciated. If not, Iām going for another 12.
What is the exact error you are getting? I assume you did āchmod 600 id_rsaā? Make sure that the id_rsa file follows the layout you would find on Google Images.
1 Like
Load key ām*****l.priā: Permission denied
I gave the file read and write permission for root access.
The name of the file shoudnāt matter. The fact that you got āPermission deniedā makes me think that the id_rsa file might be owned by root, but you are running ssh with a user account.
You can DM me screenshots of your commands + results and maybe I can diagnose the problem.
2 Likes
I checked the google image and saw that instead of .pri, I changed it to .key and it worked. 
heheheh
I will if I get stuck on the second one. Thank youuuuuu so much. <3
Hello, Iām having problems with the LFI
Can someone help me to see where to apply it?
This box was very enjoyable. Honestly, I wasnāt that familiar with DNS enumeration so it was a bit difficult to find the right subdomain. After that, everything was pretty straight forward. I did have an issue with the id.*** file. Just make sure the file is spaced/formatted correctly. I really appreciate the help from @JacobE and @Nevuer .
User: Enumerate until you find all three subdomains . Look out for any trick from the subdomains. Once you find the correct subdomain, look for a common vulnerability. Use that vulnerability to get a user login.
Root: Check what permissions you have then research that service and find out how to escalate your privileges.
2 Likes
Please elaborate a little, I did find the p******-p******.t****.h** subdomain and also r***.t****.h** but not the other one. I have tried the DNS enumeration, XSS, ia also have admin login on the above mentioned subdomain but i dont understand how to get the other subdomain
the conf file is disappearā¦ how should i proceed?
why do you think it keeps disappearing? Maybe thereās something going on on a regular basis. Thereās standard tools to monitor such things, and then thereās tools that work in a similar way but are specifically tailored towards our requirements.
I couldnt exec pspy64, btw i solved at least, thank you
1 Like
The same thing happened to me. The cron is on and it gives you one minute to edit the conf file. 
vhost enum is your friend.
1 Like
Hello All
Rooted !
All you need is here ! 
Nice Box, got Privesc whithout help ! so happy
2 Likes
rooted, nice box. 
1 Like
Hi,
I know if I edit that conf file, Iāll get root but whatever I do, I canāt edit. The time I open with nano, nano tells me the file is not writable. What Iām missing?