Teacher

GODAMMIT – STOP RESETTING THIS BOX!!! THIS IS NOT A BOX THAT NEEDS TO BE RESET!!! COMMON!!! You kick people off their shells and then have to go through everything ALL OVER again because there’s no simple SSH for this one. Cut it out!!! If you’re rebooting this box you’re WRONG!!!

I’m having so much trouble with getting a shell using the “evil” method. Whenever I input my reverse shell command I get nothing back from the server. If anybody could help me out, I’m following the exact directions in the video but I keep not being able to get a shell.

Type your comment> @corabrickdog said:

I’m having so much trouble with getting a shell using the “evil” method. Whenever I input my reverse shell command I get nothing back from the server. If anybody could help me out, I’m following the exact directions in the video but I keep not being able to get a shell.

Pm me I’ll help you…

Rooted.
Initial foothold is very CTF like but after that there is an interesting path to root.
Everything you need has already been said in this said but i’ll be happy to help.

Big thanks to @ghost0437 for helping me with this box, good learning experience for me

Anyone got a root shell on this box? If yes please pm me, would like to discuss. thanks!

So I finally was able to get a shell with the “evil” method, but I’m horrible at privilege escalation… any nudge would be extremely helpful…

Finished this box, woo!

Some tips for others working on it:

Foothold: Enumerate and think about what kind of site a school might be using. Google can help you here. When you look at the main site code, files of interest may have comments. Take a closer look, and then figure out how to be an evil teacher.

User: All this content on the site got setup somehow…look for leftovers and follow the trail.

Root: Some interesting files and folders in the user’s home…who owns them and how did they get there?

I looked for almost everywhere but cannot find anything for user. Anybody can help me

Edit:NVM I found user way to root

I’m having trouble with the priv esc to user on box. If anyone would pm me i would be very grateful!

Rooted this box ytd. Do pm me if anyone needs help! I will my best to help. :slight_smile:

can anyone enlighten me how to get that damn credentials? :slight_smile:

i cant access to web, what happens?

Type your comment> @portos060474 said:

can anyone enlighten me how to get that damn credentials? :slight_smile:

Enumerate every page properly… ?

Finally got root! Ended up giving up on the --c* approach, as I worked out why it wasn’t working. Got what I needed without a root shell in the end. If anyone did manage to get the --c* approach to work, and got a root shell, I’d be keen to hear how you did it.

May props to @ghost0437 for helping me out with some quality tips.

Type your comment> @ghost0437 said:

Type your comment> @portos060474 said:

can anyone enlighten me how to get that damn credentials? :slight_smile:

Enumerate every page properly… ?

define “properly” :slight_smile:

Something doesn’t go for me, I’m not sure if it is a rabbit hole or just me being stupid, probably the second. Can someone help me in PMs?

I have been trying the “–c*” method that has been mentioned but I cant seem to get the intended effect. If anyone would like to nudge me in the right direction with a PM that would be most appreciated.

EDIT: got root, PM for hints

I have RCE as the “teacher” any tips on location of user file?

“I have RCE as the “teacher” any tips on location of user file?”

I’m in the same boat. Got a limited shell, looking around the installtion but no luck yet.