Travel

Finally user. Foothold is a long journey. Somehow my exploit is working locally but it doesn’t work against remote machine. Thanks to @polarbearer for the help.

User is easier than foothold. Need some rest before take the root.

Type your comment> @LeapTruTime said:

Could someone tell me where did I go wrong?
PM me.

Type your comment> @Warlord711 said:

You dont need to fuzz if you have a handy tool for it.

Gotcha thanks.

rooted wow i loved this box <3

thanks @xct & @jkr

rooted what a box
initial hint : dont fuzz crazy be smart when you find it use a tool
DM for hints if you still stuck

I’ve rooted it, thanks @0x41 and @ElVi7MaJoR :slight_smile:

Finally after “travelling” on a massive rabbithole, finally arrived at the correct root. :slight_smile:
Thank you @fr0ster and @b3nn for the guidance.

Tip: Priv esc is easy if you enumerate well. If you think you got root and root.txt is missing, step back and don’t push further. I went on a massive rabbithole because I got a root but was actually a rabbithole root.

Cheers to the creators.

Thanks a lot to all of you that helped me during this, for me very difficult box!

Shout out to the creators! It was really good!! :smiley:

found the foothole…i think - this box just got real interesting real quick

Type your comment> @CRYP70 said:

found the foothole…i think - this box just got real interesting real quick

I just started and find it interesting, hopefully more to follow.

awesome box; i spent a fortune of time trying to X**. finally rooted!

Type your comment> @dakkmaddy said:

Type your comment> @CRYP70 said:

(Quote)
I just started and find it interesting, hopefully more to follow.

Yeah I know right, bout time we got a WordPress site on hard difficulty :smiley:

Type your comment> @sparkla said:

Working my way forward with this box. Still haven’ completely figured how d***g works. I mean I can trigger it with exactly one “switch” and will search now for more switches, not understanding the output yet.

Not asking for nudges but one thing I’d need to know. Do I need to use an actual R** client or is that a rabbit hole / working in a different manner?

it’s not a rabbit hole.

hint:
-. Recon
-. Analyzing language roles
-. Deserialization
-. Bypass xxxx filter
-. litle scripting
-. Basic enum
-. G0t r00t

Type your comment> @eightdot said:

would really like a nudge on root, i found s**, some stuff in L*** and something that only returns **4.
but no idea that to do/look-at next

update: found my way forward, then missed a bit hint a client program gave me

I feel like I’m in the same place and unsure if L*** is the way forward to root. Any nudges would be appreciated thanks.

This box has been awesome, thanks @xct & @jkr

Hey, i can overwrited me*****he but i have no idea what to overwrite, can someone tell me in pm what must i overwrite,please ?

Need some help on building exploit for m****e and dg. I can understand what happens behind the scenes, but I can’t find a way to go further for next step.

Edit 1
Got user. Thanks @d3spis3d for the clean explanations on on those exploit building things.
On to root.

#~
Root owned. It’s a brilliant machine. But was a pain in the a*s for the last 3 days.
Initial foothold and initial shell is really hard as f**k. Root is easy.
For the first time i wrote a py script and it worked like a charm. Feel Proud.
Thanks @xct @jkr for the pain and stuffs to learn.

PM for cryptic nudges.

Type your comment> @0xstain said:

Hey, i can overwrited me*****he but i have no idea what to overwrite, can someone tell me in pm what must i overwrite,please ?

You don’t have to overwrite anything. Just because something exists, doesn’t mean a second can’t exist aswell.

Finally - with (very patient) help from @0x41 and @d3spis3d

I made things harder than they needed to be but also learned something new in the root privesc part.

Happy to help others via dm