Official Trick Discussion

Im at a loss on how to manipulate the XSS. Can’t seem to find any JS commands, and this doesn’t seem like a cookie theft/forgery kinda box. Can someone pm me with help please?

i am in as root or should i say i have root access but cant seem to find any flags

just got access hurray!!

Hi guys, I am using metasploit to rename then upload the new file for privesc to root. I verified the file is correct, but still not getting root after 3 attempts. Any ideas? I can do it all plus the 3 attempts in approximately 20 seconds.

Looking at PSPY i get ICMP port unreachable. Doesn’t matter which port I use…

I am trying priv esc soo much, i have edited the .conf file and added my commands in it, but still i don’t understand why those commands are not running. Please help me. i have created my bash script to automate the task and it takes hardly 30 seconds to execute the complete process but still those commands dont seem to run whatsoever.

I tried priv esc, i edited the conf file via my own bash script but still the commands arent running. Please help

you should be careful and look again. you can change some f2b config.

you could use pspy to monitor root activities and know the directory.

Nevermind, it was a rabbithole.

I forgot to actually DO the command that is found in sudo -l

It’s worth checking out Pspy to debug what the services are doing on the machine. Also, in the conf files it states somewhere that the service must be restarted to take the modified file into account. Don’t forget what sudo -l told you. PM me if you still need help. I’m at work but will do my best to respond.

1 Like

Thanks, Rooted :people_hugging:

1 Like

I found L** vuln but bypass not work…
Any hint?

Don’t work for me… Any hints?

Hi! Try using some of the hacktricks bypass techniques on BurpSuite:

Hi,
I tried (File Inclusion/Path traversal - HackTricks) any combination to bypass filter L** but don’t works…
Any hint?
Thanks
Cuz15

I tried all possible combinations but not works. I tried automatic tool named dotdotpwn but not works!!

Any hints?

I wish I could help you more, but one of the bypasses on that page worked for me.

boh… I stuck… I’am crazing :slight_smile:

I’ ve a doubt, maybe the creator of the machIne has patched the vuln L**?

I don’t think so, I did it 2 days ago