OpenAdmin

Hello, this is my first live box.
I have the first flag on the j…a account, but I have no idea about the next steps.
Please help!

Hello, first time player here. Is j****a’s very important secret file regularly reset/re-encrypted by any chance? If it is, disregard my comment. If someone’s manually changing the password, DON’T.

I need a nudge in the right direction to privesc, please. Thanks.

I found the solution. The first review is the best.
I am root.

Encountering:
setresuid(0, -1, -1): Operation not permitted
Am I on the right track? Much thanks.

Have a J…y shell and found the Int…l folder, but no idea what to do or why a new port is necessary. Could anybody help?

Noice Box.

Foothold - Enumerate the service. Click all the things!
User 1 - You can always rely on poor practice.
User 2 - And the stupidity of some admins.
Root - Fully underStanding the oUtput of a certain commanD then gtfO -l

Enumeration is absolutely key here. I had trouble with it myself and have retrospectively added some new search queries to my routine so that I don’t get caught out so easily next time.

Got root! Took way longer than it probably should have. I haven’t done any of this stuff in a while; this was a very nice intro box to be getting back into it. Thanks to the creator.

Hey, anyone willing to give me a nudge on the script/exploit? Can’t seem to get it to work. Happy to rep. :slight_smile:

EDITED: Just managed to manually inject commands… YESSSSSS…!!! :slight_smile:

Got user2 creds but couldn’t find a way in. Any hints?

Nice box.

PM if you need help…)

Rooted…!! The second user was a bit of a chase but once I got what I needed I was golden.

Man ROOT flag was like 2 mins…!!! :slight_smile:

Nice box… Good warmup. :slight_smile:

I’m stuck, maybe on the last step. I have a shell with w…, then I got SSH with j…, so what next? Some tips? Thanks in advance.

Hey thanks a lot for the box, it’s really logical and I learned a bit (yes I’m a noob).

user: I cracked a very easy thing, but fell into a trap for a while trying to crack something much harder which was not necessary. Knowing how things are configured on boxes like this helped.

root: I used almost exactly the same trick as for one of the user steps and got root quickly.

As always, good enumeration is super duper important.

Hello. Any possible nudge on the initial foothold on this machine? Everyone saying it is pretty straightforward, but I have found myself stuck here. Any PM would be strongly appreciated!
Update: Thanks madhack for the hint. I should have double checked using another tool to enumerate.

First box rooted :smiley:

Any help on a foothold? I’m not finding the initial entry point :frowning:

Rooted!
That’s a cool box that teaches you how important enumeration is, and good searching methods and practices for the next boxes. (Config files are a must, I learned that here.)
The most difficult part is going for user: from www-data to user 1 and then to user 2, and getting the initial shell (if you use the wrong .sh it will give syntax errors and it’s not easy to solve that, at least for me).
Root is pretty forward if you do enumeration well after getting user 2.
Thanks to @clubby789 and to @blink3r for helping me out getting the initial shell and reaching user1.
If you need any hints feel free to PM me.
And remember: the most difficult part in this machine is the beginning. Don’t give up.

Is this box dropping connection for anyone else like every couple of minutes?

Rooted, if anyone is looking for a nudge feel free to pm.