guys trying to get into root if i type “sudo -l” i get the following issue, with all the 3 users wwata , jy and J*****a
$ sudo -l
sudo: PERM_ROOT: setresuid(0, -1, -1): Operation not permitted
sudo: unable to initialize policy plugin
Any help for this issue? pls ping me if you have any info, thank you in advance
still in the low-priv shell and just got the mi credential in the d***_s*******.i**.p** file, but cannot connect to that service… am i on the right path?
guys trying to get into root if i type “sudo -l” i get the following issue, with all the 3 users wwata , jy and J*****a
$ sudo -l
sudo: PERM_ROOT: setresuid(0, -1, -1): Operation not permitted
sudo: unable to initialize policy plugin
Any help for this issue? pls ping me if you have any info, thank you in advance
Best advise I can give on the first part - it’s easy to over-think it or over-complicate it. Enumerate well and don’t dismiss something that looks important. Remember that the weakest link is the user.
Any nudge would be way cool. Got user 1 ok, got user 2 ok, and for some reason I hit a wall with root. It looks like it should be straight forward. I checked j******a’s privs, and it looks like I should be able to use nn to get some joy, but it says the file is not found. It doesn’t say I don’t have permission, just that it isn’t there. GTFO B, I have tried every thing in there multiple times, and also no joy. I have even copied and pasted exactly to make sure I am not fat fingering it. Am I barking up the wrong tree here? did someone hide the flag? any help would be super appreciated. Thnx
Any nudge would be way cool. Got user 1 ok, got user 2 ok, and for some reason I hit a wall with root. It looks like it should be straight forward. I checked j******a’s privs, and it looks like I should be able to use nn to get some joy, but it says the file is not found. It doesn’t say I don’t have permission, just that it isn’t there. GTFO B, I have tried every thing in there multiple times, and also no joy. I have even copied and pasted exactly to make sure I am not fat fingering it. Am I barking up the wrong tree here? did someone hide the flag? any help would be super appreciated. Thnx
Same here. I think we can root it once we can do it. Tried GTFO and it gave wt I expected if I can pass through the permission issue. Hope if someone can say "On not permitted" is expected with ja.
rooted.
turn out johny is much more speedy than some single threaded py script i google… . Learn a new thing about web server module and a few tricks on enum. GG.
======================
Hi,
I run into the issue of setresuid(0, -1, -1) when running a reverse shell session from j*a . Am i supposed to crack the passphrase for her ssh account and privesc via ssh connection? If i login with jy, sudo command seems to work fine without the error below. …
sudo: PERM_ROOT: setresuid(0, -1, -1): Operation not permitted
sudo: unable to initialize policy plugin
Feel free to PM if u want some hints. I found what I miss but I dont know why. I wish someone who can discuss with me abt it.
This is a fundamental box which should be kept live all the time for beginners like me. I am not experienced pentester but I can feel it is intended to be “standard”.
It kind of depends on how you are issuing the command. It shouldn’t say this if you’ve used the string correctly. Most times I’ve seen it people are trying to add or remove something from the command they can issue.
However, as with everything on this box, it is possible that some clown has decided to break it to stop others progressing.
@4an7o said:
Same here. I think we can root it once we can do it. Tried GTFO and it gave wt I expected if I can pass through the permission issue. Hope if someone can say "On not permitted" is expected with ja.
When its works, it is trivially easy. The command sequence drops you into a root shell quite reliably. Most problems are it producing a low priv shell or asking for a password. Both result from a slight error in how it is invoked.
Hi,
I run into the issue of setresuid(0, -1, -1) when running a reverse shell session from j*a . Am i supposed to crack the passphrase for her ssh account and privesc via ssh connection? If i login with jy, sudo command seems to work fine without the error below. …
sudo: PERM_ROOT: setresuid(0, -1, -1): Operation not permitted
sudo: unable to initialize policy plugin
ps:i have tried reseting the box
A lot of it depends what you are trying to achieve here and how you have a reverse shell running as that user.
If you’ve been able to gain access to that account, it is significantly easier to have ssh’d in. Then you can use what is effectively a living off the land type attack.
A great mix of cve and crazy sysadmin 2nd user was hardest for me- way overthinking things and didn’t use what I already had for days… Enumerate, pay close attn to what you’ve found and how to use it and keep going, it’ll be grand
Huge thanks to @TazWake and others for the subtle hints and encouragement in this thread. Keep at it and all the pieces will come together. Thanks also to htb and the people that put the time into setting up and submitting the boxes.
So pretty sure I know how to priv esc from user2, but the box seems messed up and though I tried to reset it, it still says last reset was 9 hours ago.