I have root, but this flag … not the typical way. I still haven’t found it, even though am root! what kind of trickery is this…
Any nudge on the foothold.
You are probably in a box in a box…
1 Like
Thanks, I had the pwd this whole time. Cleared the box thanks to you.
Hello guys,
Any hint for the initial foothold? I have found the .**t directory and the admin panel location.
you’re real close. Enumerate what the admin panel is.
I’m stuck after the initial foot hold. I have some hashes but cracking them seems to take forever. Anyone I can send me a hint in the right direction?
I know the technology of the admin panel and the version. Couldn’t find any known exploit if you mean that…
Okay, finally got the user!
Tip 1: Don’t google immediately, look around, enumerate, close the scope and then google!
Tip 2: Found, but it needs to be adjusted (don’t re-zip , I spent a lot of time on it, just double-click and edit!)
Tip 3: From now on, it’s straight forward 
1 Like
ok got the user. Enumerated all privesc methods i’ve got in my methodology. Any hints?
Got user, this box is really tricky
1 Like
That dude needs a raise
1 Like
please can u help meto crack the hash?
Identify the algorithm and use a common wordlist
i have try all wordlists i have
any tips after getting j****?
Did you rockyou?
Btw, the user part is very random, but root… Whoever made this box needs a beer, because i can’t stuck more than 3 days on this
Think carefully Alice and try not to fall down any rabbit holes, you may want to ask yourself, are the hashes you have, the hashes you want?
FInally got root, my tips:
Tip 1: Look around: is there anything interesting here? Or maybe somewhere else?
Tip 2: Okay, the goal is found, google how it works, how it can beexploitable and just with this understanding set it all up quickly and it will work!
Tip 3. Okay, where am i now? You almost done, go simple, look simple and the real root will be yours!
2 Likes