I got the reverse shell with the vulnerability. I have found 2 users of interest, but I can’t seem to find how to get their passwords.
Can I get a cryptic advice please? Thank you.
Type your comment> @prettyboysteve said:
I got the reverse shell with the vulnerability. I have found 2 users of interest, but I can’t seem to find how to get their passwords.
Can I get a cryptic advice please? Thank you.
You don’t really need a reverse shell. But that aside.
Take a good look around your landing place, use ls, cat and cd to find interesting files.
If necessary, use grep … -e “pattern” to find interesting strings, such as pass. To speed up
Good luck
Can someone PM me, respect up for grabs 
Type your comment> @OddRabbit said:
Type your comment> @ByteM3 said:
Can someone PM me, respect up for grabs
Message me.
Cheers, PM’d
hi,
someone can give me a nudge to find the way to obtain the root’s password?
Please PM.
Same here
Tried nmap, accessd the web part. Tried dirbuster and sshbrute force. No luck so far.
can anyone help me from here please.
Rooted. PM if you need help. This box makes you focus on searching thru the file system
Rooted. Spent like 4 hours on user then got root in like 2 mins XD. Lesson learned: always double and triple check everything.
hello,
I got ja, I’ve seen interesting content in /etc/s…s.d/ja but I I’ve this error when I try to execute it :
sudo: PERM_ROOT: setresuid(0, -1, -1): Operation not permitted
sudo: unable to initialize policy plugin
This is my first box, I think I’m on the right path but it’s weird.
Type your comment> @abdoucoul said:
hello,
I got ja, I’ve seen interesting content in /etc/s…s.d/ja but I I’ve this error when I try to execute it :
sudo: PERM_ROOT: setresuid(0, -1, -1): Operation not permitted
sudo: unable to initialize policy pluginThis is my first box, I think I’m on the right path but it’s weird.
you have j…a or j…y?
Rooted. Happy to help anyone stuck.
I’m stuck on jy. Although I found the m.* p* file, and cracked the S2, I still don’t know how am I gonna manage to get the s_***c to work?
Type your comment> @koussakhan said:
I’m stuck on jy. Although I found the m.* p* file, and cracked the S2, I still don’t know how am I gonna manage to get the s_***c to work?
IIRC the S2 is the one freely readable in the config file of ix.p** - that isn’t actually necessary for the next step despite appearances. You need the output of m***.p** which requires you to call it somehow. To find that you will need to look elsewhere in the box to find more info as to where you need to look to call it successfully.
@abdoucoul said:
hello,
I got ja, I’ve seen interesting content in /etc/s…s.d/ja but I I’ve this error when I try to execute it :
sudo: PERM_ROOT: setresuid(0, -1, -1): Operation not permitted
sudo: unable to initialize policy pluginThis is my first box, I think I’m on the right path but it’s weird.
As in the dozens of previous times this exact question has been asked it is likely to be one of two things:
- you’ve issued the command incorrectly as a result of misreading the file.
- someone has broken the box because they are idiots.
Hi all,
I’ve got user2 and know which 2 commands I shall use to get root, however it always prompted me for password… what’s the reason that It will still require password?
Thanks
Rooted! I’ve spent too much time on user part, because it was TO EASY at one point, and I haven’t seen the most obvious solution.
Root part was pretty fast.
Type your comment> @AnsonS said:
Hi all,
I’ve got user2 and know which 2 commands I shall use to get root, however it always prompted me for password… what’s the reason that It will still require password?
Then you are not using this command right. Re-check, if you use all the parameters that you need, without them it will still require pass.