Postman

I’m not familiar with r**** so I think I’m down the rabbit hole. The obvious exploits don’t work (assuming on purpose), will I need to ‘guess the username’ somehow, or can I find that via enumeration?

Type your comment> @idomino said:

I’m not familiar with r**** so I think I’m down the rabbit hole. The obvious exploits don’t work (assuming on purpose), will I need to ‘guess the username’ somehow, or can I find that via enumeration?

No guessing is needed for this box

@blackwingz44 said:
Stuck in M*** user, any nudge for the root? Exploit in msf is not working

Just exploit something that before getting a user you couldn’t. It Is a common vulnerability.

GitHub > msf
slave is not the way

if it is slaved and you cant write, try
slaveof no one

Rooted, if you think or have a question why not work.
Try to reset machine first.

@_@

I’m stuck with r***-**i part. Is it necessary to guest the username? It is not possible to follow the steps the way is shown in a recommended book…

Rooted! Thanks to all for the help! I enjoyed learning about the services on this box. Thanks for providing it, @TheCyberGeek!

Rooted,thanks for who helped me.
PM me if you need hint
YaSsInE

I got access with r… user and found the i._…k file.
I have used ssh2john to move it to hash and john to find the passphrase…I got a match with c…8 but connection get closed…for sure I do something wrong, but what?

Type your comment> @garbo77 said:

I got access with r… user and found the i._…k file.
I have used ssh2john to move it to hash and john to find the passphrase…I got a match with c…8 but connection get closed…for sure I do something wrong, but what?

In which directory user.txt is saved? Think and check users.

I try to connect it with my rce py it get connection time out I use 10.10.10.160

Type your comment> @Pratik said:

Type your comment> @garbo77 said:

I got access with r… user and found the i._…k file.
I have used ssh2john to move it to hash and john to find the passphrase…I got a match with c…8 but connection get closed…for sure I do something wrong, but what?

In which directory user.txt is saved? Think and check users.

rooted…enumerate enumerate enumerate :slight_smile:

I am trying to sync redis slave to master but it does not seem to work. Any nudge?

Type your comment> @garbo77 said:

rooted…enumerate enumerate enumerate :slight_smile:

PM me? I don’t understand why I’m getting connection closed.

Type your comment> @garbo77 said:

I got access with r… user and found the i._…k file.
I have used ssh2john to move it to hash and john to find the passphrase…I got a match with c…8 but connection get closed…for sure I do something wrong, but what?

I’m exactly in the same point…

spoiler removed

If you see “connection get closed” then try the password you found elsewhere.

@LoRKa said:

Rooted. The box is quite easy although you can always learn something.
There are too many hints in the forum to solve this.
Something that I have found curious is to see how the author has left all .bash_history with his commands.

Enjoy friends!

:smiley: OOPS! That should of definatly not been left behind! I guess we all make mistakes XD

@thr33per @n4v1n @0X44696F21 Thanks for your kind words! I’m glad you all enjoyed it!

I’have some errors on remote “r***” (for first shell) but not in my local instance is a normal behavior ? .

Rooted. The user was way harder than root.
I got the root in 5 minutes after root ( research included )
If you need some hints feel free to PM me.

Special thanks to @PinkDraconian who helped me in the process :smiley: