Travel

Have got a shell after some fantastic teamwork. Any hints for getting from d***** to something a bit more functional?

Spoiler Removed

Spoiler Removed

oh, finally rooted,

Good work everyone.

Stuck with the me S I can write in the memory and overwrite what we can see in the d****g output, but I don’t know how it can be useful to get a shell.
Also there is the l
s directory found in the R** Template, I don’t know if it’s a rabbit hole

@TheWorld said:
Stuck with the m**e S I can write in the memory and overwrite what we can see in the d****g output, but I don’t know how it can be useful to get a shell.
Also there is the ls directory found in the R Template, I don’t know if it’s a rabbit hole

Think about what kind of data you’re overwriting and how you can use that to your advantage

Type your comment> @TheWorld said:

Stuck with the me S I can write in the memory and overwrite what we can see in the d****g output, but I don’t know how it can be useful to get a shell.
Also there is the l
s directory found in the R** Template, I don’t know if it’s a rabbit hole

I am in same spot

I am in the **-login page is it a rabbit hole, any nudge would be much appreciated

For those stuck with m***ed:
It is not a rabbit hole but definitely another type of rodent.
When you figure that out d
g may be the key.
When you’re in trouble be mindful of how you are going to escape.

@Shellz said:

For those stuck with m***ed:
It is not a rabbit hole but definitely another type of rodent.
When you figure that out d
g may be the key.
When you’re in trouble be mindful of how you are going to escape.

This thing is driving me crazy, second day now! :smiley:

Rooted :smiley: after long journey :smiley:
Personally this my best box so far .

Fuzzing the g* folder in the sub is a rabbit hole?

@3l0nMu5k said:
Fuzzing the g* folder in the sub is a rabbit hole?

You dont need to fuzz if you have a handy tool for it.

■■■, I don’t find the password for the ***g user ****n. neither on the site nor in rockyou. I see this as my only way in. I don’t get the comment with the **S and dont find anything related to its developers, i.e. don’t know how to access this. please send me a nudge, wasted all day on that.

I’ve get user, thanks @ElVi7MaJoR for help in foothold :slight_smile:

Hello, I’m confused on my priv esc. I was able to be a root but I can’t find the root.txt.
I can’t read or mount also.

Could someone tell me where did I go wrong?

Finally user. Foothold is a long journey. Somehow my exploit is working locally but it doesn’t work against remote machine. Thanks to @polarbearer for the help.

User is easier than foothold. Need some rest before take the root.

Type your comment> @LeapTruTime said:

Could someone tell me where did I go wrong?
PM me.

Type your comment> @Warlord711 said:

You dont need to fuzz if you have a handy tool for it.

Gotcha thanks.

rooted wow i loved this box <3

thanks @xct & @jkr