Not exactly what I had to do, but it got the mind thinking the right way. It’s actually very simple when combined with other hints already stated. Kind of facepalm easy after you do it.
Finally got root. Thanks again, @mike008. This box was fun, I learned a lot, and loved the rage-titled files being created by other struggling souls.
For those struggling, I’ve got a few things that might point you on the right track:
Foothold: Do your enumeration and you should find a way in.
User: This one is a little tricky. Really try and look for interesting directories and not just surface level ones. Not everything has to be a straight line.
Root: It’s dumb… it’s so dumb. You found the interesting thing? Read it. Something should hopefully stick out to you. Understand what each part of it is doing and what the program in question uses to do it. From there you’ll have to think outside the box… and change the box while you’re at it.
Hi, can anyone help me with this machine… I am new to HTB and security in general. For now, somehow I have managed to get h**d file creds with john and read the .conf file as well. When I try to navigate to d home I don’t get any basic authentication in the browser. I have been stuck at this stage for the last week. Tried whatever little techniques I know. Please guide me on what to do next.
Hi friends, stuck here so long. Read the forum but can’t make any sense from the hints. Please help.
I managed to get an initial foothold on this box, but am struggling to get user. To this point I cracked the hash within the .ht***s file to uncover the password and I’m assuming there is a password-protected web page somewhere where I can authenticate with the credentials I have; however, I can’t find any authentication pages. I read the .conf file and was able to browse to the user’s home directory within the browser, which returns a web page that states “Private space. Nothing here. Keep out!” This is as far as I’ve gotten so far. Others have said to check dad’s home directory on the box, but within my low-priv shell, I don’t have permissions to list anything within his home directory. From the browser, it loads the web page I mentioned earlier; I just can’t find any other pages that I can authenticate to. Any nudges would be appreciated!
I’ve read through this whole topic, maybe I need to take a break and come back and re-read through but I’m struggling on root.
I see the s*****-s****.** file and read through it and knowing that gtfo is supposedly useful from reading through this topic I’m guessing that the j*******tl is involved? But also apparently it involves LESS as I ascertain from reading through this topic. Idk, this is my second active box and first experience with gtfo so I would super appreciate a PM with a bit of a nudge as to how to proceed.
Hey guys, I got user successfully. Am really confused with root. I’ve read pages of comments and everyone says the answer is in front of you, and GTFOBins helps. I couldn’t figure it out. Any help?
I tried jo******tl and less binary exploits on GTFOBins. Everything asks for a password. A few people say to resize the terminal. I have no idea why to do that.
Initial Foothold: Just run the exploit.
User: You can get user with or without the creds from the .h***** file.
Root: This one is tricky. Read the man of the suspicious-looking command and see what can be done by resizing the terminal.
Not sure if the hints are too much.
On an unrelated note: I am currently studying for OSCP and I wanted to rewrite the initial exploit using Python. However, I am facing issues when I am trying to do RCE. Does anyone have any ideas regarding how to do this?