Postman

Type your comment> @MrW0l05zyn said:

Type your comment> @q1Z said:

Type your comment> @Icyb3r said:

Type your comment> @verdienansein said:

Found a i*_r**.bak. Is right for User?

yup you are on the right path. :slight_smile:

rockyou is enough to solve this part?

It works.

you are right… just an old john version…

Rooted

Rooted! It is nice for me to always know and learn from a new service. Also reinforce once again the importance of hardening the configuration of these at the time of installation.

Private message if you need help with “Postman”.

Got User. Now going for root!

rooted in 5 mins after user, too easy

Rooted. Root part was way too easy.
Btw, why was it named Postman?

rooted :slight_smile: thx for the hints @MrW0l05zyn & @trollzorftw

Rooted :).

Not a very interesting box tbh. PM me if needed !

Rooted. The initial step wasn’t difficult but a bit confusing if you’re not too familiar with R*d**. The privilege escalation part was a bit too easy for my liking. I’m sure it might hold some value for beginners. If you need help PM me.

Not the best box here, but whatever. I guess the first step could be messy on public…
I got root before user, not really sure if I missed something obvious.

Got root, there’s plenty of hints on here already
Struggled with the last stage for some reason, had everything right but an unknown issue was stopping a connection.
Pm me if you need help

This one was interesting, you can definitely go down a rabbit hole super easily if you assume all public tools will hold the key. This one was one-offed quite a bit and is only easy if you’re super creative.

rooted

PM for nuggets

@rholas Just sent you a PM.

Stuck in M*** user, any nudge for the root? Exploit in msf is not working

I’m not familiar with r**** so I think I’m down the rabbit hole. The obvious exploits don’t work (assuming on purpose), will I need to ‘guess the username’ somehow, or can I find that via enumeration?

Type your comment> @idomino said:

I’m not familiar with r**** so I think I’m down the rabbit hole. The obvious exploits don’t work (assuming on purpose), will I need to ‘guess the username’ somehow, or can I find that via enumeration?

No guessing is needed for this box

@blackwingz44 said:
Stuck in M*** user, any nudge for the root? Exploit in msf is not working

Just exploit something that before getting a user you couldn’t. It Is a common vulnerability.

GitHub > msf
slave is not the way

if it is slaved and you cant write, try
slaveof no one

Rooted, if you think or have a question why not work.
Try to reset machine first.

@_@