Interesting box… I liked learning about some new techniques, not sure I enjoyed the guessing part, but I guess sometimes you need to do that even irl. Thanks for the box @OscarAkaElvis , had fun!
Can someone please tell me or pm me regarding the step after cracking the pass in cap file?
i think i found something (maybe not) in the decrypted data and dunno how to use it .
tried to enum the dns but how can we “dig” if we have no domain name.
Thanks !
Oh thanks for the tips guys finally got root !!
The guessing part just wasn’t mine hehe , and the pain i needed to overcome to get root with the privesc(do****) uhhh (anyone who thinks he got the easiest method to privesc please pm me)
thumbs to the creator and definitely gonna use the airgeddon !
Thanks
this is one ■■■■ of a box, ■■■■ fun working on this one, i learnt a few nice things working on this box, priv esc is nothing compared to the initial work required to get user flag,
any help required feel free to hit me up on discord [ vrvik#7626 ]
In general have to say the machine was good, it had different things going on and the story in general was also pretty cool.
However, I still have mixed feelings about that “jump” you have to do in order to move on. I would suggest to the people who are struggling with that bit (you know when you’re there), to actually follow the story-line that is being told through the various machines. That, along with some basic enumeration (and some simple guessing, use what you have!), can point you in the right direction.
Hey guys, I found a specific header that gave me a possible hint on where to go. (As said before in the thread, a dev-like tool). There’s an exploit module on MSF but after sending the requests, the server answers with a RST package. I was trying to abuse this manually, but I’m having a nightmare installing the needed tools and whatnot, so much that I am no longer sure if it is just a rabbit hole. If this is the right way to go, may I ask a little help with the set up of the environment and everything, and if it’s not, any hints would be appreciated.
I didn’t read through this thread, so I’m not sure what was said here. The box isn’t hard in-regards to enumeration. Everything is almost always in front of you (i.e. where you land, you can obtain the clues/creds to move forward). The tickiest part for me was understanding where the .cap came in because (although I discovered/cracked it very quickly) I didn’t think to use it’s information in that manner. Everything was straight forward. Ending was super easy.
I’m open to give hints to folks that need help. Please PM me, if so.
I’m somehow not sure why I am not able to get a shell using the msf/py exploits available. Reached out to many of them, checked in wireshark as well. Everything seems fine, but somehow, something gets fucked up and I get an RST from 10.10.10.83, which is very weird.
Ok, I have a shell to this box, I cracked what could be cracked, but I don’t seem where to go from there. I know that I am on a limited environment, but I’m not sure if I should escape it, abuse it, priv escalate from there and I’m running out of ideas. Any hint?