Password Attacks Lab - Medium

Hi, good day, I found the passwords for admin, jason, and dennis
but I don’t know where to find root’s.
What to do now? any hints are greatly appreciated.

Advance thanks!

1 Like

I am stuck on this too, were you ever able to find out how to priv esc ?
The regular things do not work sudo -l, find perm, etc… not working for me I think I might be over thinking this.

What did you use to get the password for d***** ?

Found the creds, just need to priv esc.

Can u give a hint what to do after getting J user?

1 Like

Yeah dude. So once you get onto J**** via ssh. Read to document, and look back at the document you go and had to unzip. Once you read it, think about the my**l cmd you need to get onto the server.

Hopefully this helped you. DM me if you need some more help.

1 Like

Okay, finally got it
Let me bring all tips tpgether:

  1. Find a file and crack it
  2. Get two important things form this Document: credentials for one user and the next service you need to investigate
  3. Go to that service and find credentials for another user
  4. Check the new user’s folder, maybe this stuff in there can be used not only for him
3 Likes

I’m at the same point as you - i’ve got some D creds but can’t see anything useful - looked loads of places it feels. Did you manage to get any further with this?

Whats up Chimp. So read the document, it mentions the service you need to logon to with those creds. Look towards the bottom of the document dude. The cmd for that service is in the “Footprinting” module. DM me if you need more help bro.

Thanks @UDrinkincoffee MVP for this task!

1 Like

Got you dude … Good job to you for not giving up.

1 Like

Hey fellas I’m stuck on the on this lab… I have the document and can see the contents but i don’t know what to do from there. I’ve tried to find files related to the document and tried accessing mysql without success and i don’t know how to access the service mentioned in the document. It seems there’s a hint in the document in accessing the service but it isn’t working for me. What should i be doing?

i figured it out… wasn’t using proper syntax

I got the flag! Hit me up if you are stuck. This was NOT an easy task.

John

1 Like

Hello, May i ask some hint regarding privesc? Thanks.

1 Like

Sure. I made notes, so if you have a gmail account, I can share them with you.

They’re are on my Google Drive.

John

1 Like

hi 19delta4u, am badly stuck, got two users, d and m, got Docs.zip but have issue either with PKZIP [32/64] that doesn’t get cracked. Could you share your notes,that might help overall? my email is kabbalah3333@gmail.com thank you

1 Like

shared

:pray: thank you

hi man, I got stuck with root esc. please help, thank you!

1 Like

Message me your email and I will share my notes.

John