could someone help me with user im not sure what to do rlly
For user: Enumerate the target, read known exploits for potential footholds. One good resource that has pretty much all you need for user is HackTricks - HackTricks .
1 Like
Could you please give me a hint about root? I already have the password but Iām stuck
Feel free to DM for nudges but please do tell where you are and what you did. 
1 Like
Not a bad box overall learned some new things! First medium box pwnd!
1 Like
Okay, I take it back - donāt DM me for user unless you have no doubt you tried everything you know. Sorry, fellas, but I was NOT expecting my inbox to get this flooded. You can DM me freely about root, though.
In either case, make sure to give me all the details of what you tried and what the outcome was. I canāt help you if you donāt tell me what you tried.
3 Likes
this was a difficult one for me but still owned and funā¦
I donāt really understand how they classify these machines. I guess iām still a noob after all these years lol.
initial- look around the site, youāll find the attack vector pretty easy if you wanna work with them
user-this was the hardest part to me, finding the path was easy getting it to workā¦ oh manā¦if you chew on it youāll eventually find the magicā¦
root- all about your options and the stuff at the libraryā¦typical sudo checks will get you started
pm me if you want assistance, iām around to help.
5 Likes
samee 
Search for vulnerability related to Shared library misconfiguration
2 Likes
rooted the intended way! thanks to the guys keeping me in the right path! good machine and learned alot! great box!
To those who are struggling with āNot Foundā. Try to zip the file using the command line.
1 Like
help regarding user, is uploading the right path? i tried so many ways
some one always delete file when I want to gcc the exp
I tried many times to write the exp file
Summary
people I met on the machine even start **
hey give me a dm let me know what you have tried , i can try and give you a nudge.
1 Like
Fun machine overall! hmu if you need a nudge! Iāll do my best to respond!
Not gonna lie Iām really struggling here. Spent the whole day trying to get user, but canāt get the uploaded file to get executed. Tried every relevant trick I found on https://book.hacktricks.xyz, but I just canāt get it to work. Would really appreciate some guidance here, if someone could DM me.
Rooted. If anyone needs some help getting root feel free to dm me.
finallyyyy roottteeedddd ::)), box which is quite stressful, but I got a lot of new lessons, feel free to DM
2 Likes
think about how the upload system works, when you do a zip upload, the system requires that there is a pdf file in it, maybe you can insert something in the zip???
1 Like
samee here :((