Solidstate

Could need a clue for opening my nc connection as well. Thanks in advance!

use linenum and take a look on suspected files .

@ptz said:
Could need a clue for opening my nc connection as well. Thanks in advance!

Not all machines will support a reverse shell via nc. Research other methods for gaining a reverse shell.

Can someone please nudge me in the right direction for priv esc? Any PMs would be appreciated. I have a reverse shell.

got ssh but still no priv escalation yet :frowning: run linuxprivchecker.py but cannot seems to find a clue from the result.

Hey all just would like a sanity check because I’m a bit confused. The infamous way in by changing the script and reading what it says to do at the bottom serves no purpose right? In other words we can escape in other ways with no script at all. I certainly escaped after reverting the box logging in directly and doing my thing at login time. I’m asking because this is so close to another box I pwned in some other labs (I can’t mention) and you actually needed the modification/script to escape that. Sorry to be so vague. Anyone else find the way in without the script?

Hey all !
Just like @Linoge …After days of enumeration (unproperly i think) i’m stuck… Completely stucked with this challenge. I cannot succed in getting root. I tried Linenum, linuxprivchecker, local linux enumeration from rebootuser.com, g0tm1lk blog about enumeration … but i’m missing evidence i guess. Can anyone send me PM to give me a little clue on what we’re searching for getting root please ?
Thanks

hey guys,
I am stuck in rbash and cant escape, read g0tmi1k blog and still cant figure it out. Rbash escaping is new to me and still trying to figure it out, also cant figure out how to get linx enum scripts on the box, rbash is limited alot of ideas, and help would be great or a PM,
I already googled about escaping rbash and all sources of stuff, maybe having a disconnect here

@redteam611 said:
hey guys,
I am stuck in rbash and cant escape, read g0tmi1k blog and still cant figure it out. Rbash escaping is new to me and still trying to figure it out, also cant figure out how to get linx enum scripts on the box, rbash is limited alot of ideas, and help would be great or a PM,
I already googled about escaping rbash and all sources of stuff, maybe having a disconnect here

Sorry, but this is one of those “Try Harder” moments. :confused:

@likwidsec said:

@redteam611 said:
hey guys,
I am stuck in rbash and cant escape, read g0tmi1k blog and still cant figure it out. Rbash escaping is new to me and still trying to figure it out, also cant figure out how to get linx enum scripts on the box, rbash is limited alot of ideas, and help would be great or a PM,
I already googled about escaping rbash and all sources of stuff, maybe having a disconnect here

Sorry, but this is one of those “Try Harder” moments. :confused:

Indeed try harder,
The original machine was easier as this has a more recent kernel and OS version. If you know what i mean

Have got the user flag somehow didn’t documented it. But not able to pwn shell. Though tried all the stuffs without nc. Need hints to get the shell.

@h4ckt0n1c Enumerate services one more time and just login in :wink: If you don’t have credentials read all emails. To read emails you need user and password, maybe there is somewhere admin console with usefull commands?

is that py file just fot distraction ???

@bug nope, look at this closely

@Ruster i have modified it &run … but it is acted as normal user :frowning: … any how le try more thnx

@bug your on the right track read what it is doing…

k le me try

yeah im on the same problem. Can’t run it as root

guys … PM each other …

and for @bug… learn why we use hashbang in any script …

@Agent22 … hmmm k 22 le me try … <3 thxn both of you … kebab lets have a feast :smiley: