Edit: figured it out. (file transfer)
Type your comment> @Sekisback said:
nice after work box. thx to jkr
root can be done without size playing if you check https://gtfobins.github.io/
Sending you a message, really interested t o learn the other way. Thanks!
Rooted.
User: can’t always see the road ahead of you, but use the map that you can read.
Root: The information you need is right in front of you when you’re user. GTFO Bins.
PM for hints, fun box.
stuck on the user for almost 3 days now.
found the /~d****/ location, tried to access it via different tools, but doesn’ t seems to work.
i also studied the man to the service running and stared at the config file as long as i never stared at a config file but i dont get a glue how i can access the dir or the files in the dir 
i would appreciate if someone could give me a hint over PM, please!
Hello all, i recently got the root flag but i don’t know why the script worked the way it did, if anyone knows and be so kind to explain it to me,i would appreciate it. thanks all for your hints.
I’m wracking my brain here. I feel like I’m sooo close but missing something obvious. I transferred the keys to my box, extracted them, all that. But using private key to connect is still asking for user’s password (not the passphrase, the PASSWORD). What am I doing wrong here? a PM or nudge would be GREATLY appreciated!
EDIT: GOT IT! had do do some more google-fu
EDIT #2: Annnnd, we have root! A certain level of OvertheWire has been mentioned before in the thread… very helpful here. Rooting took 10 minutes
Hi everyone!
after trying multiple times, I remember reading something here about the window… So I tried, and got root. Fine.
but it doesn’t feel right, is there any other way to get root on this machine? Or else, if anyone can point me to a place I can read about why this happens? (I’ll test myself several things)
My DMs are open if you can enlighten me 
Finally root.
Lesson learned: start enumerating the closest folders.
Ok I found ~d**** directory… Reading manual and config file I guess that a I need to find more files inside this dir that I cant see but exists… Any hint?
Type your comment> @beezyfbaby said:
I’m wracking my brain here. I feel like I’m sooo close but missing something obvious. I transferred the keys to my box, extracted them, all that. But using private key to connect is still asking for user’s password (not the passphrase, the PASSWORD). What am I doing wrong here? a PM or nudge would be GREATLY appreciated!
EDIT: GOT IT! had do do some more google-fu
EDIT #2: Annnnd, we have root! A certain level of OvertheWire has been mentioned before in the thread… very helpful here. Rooting took 10 minutes
I am stuck at user like you were. can you pm a nudge please
Type your comment> @EDEWAN said:
Ok I found ~d**** directory… Reading manual and config file I guess that a I need to find more files inside this dir that I cant see but exists… Any hint?
@EDEWAN You need to look into man page and conf page closely and see what else can you ls . There is a folder inside the home folder which you as a web server have permission to. You need to find that
rooted. pm me for a nudge.
I’m kind of stuck. I found the file n**pd.conf file which lead me to a .pwd file which gave me a hash. the hash for the user in the file is not working on ssh. Am I in a rabbithole?
That’s a rabbit hole
Search for d***d’s private key
Type your comment> @th3g3ntleman said:
Type your comment> @EDEWAN said:
Ok I found ~d**** directory… Reading manual and config file I guess that a I need to find more files inside this dir that I cant see but exists… Any hint?
@EDEWAN You need to look into man page and conf page closely and see what else can you ls . There is a folder inside the home folder which you as a web server have permission to. You need to find that
I read all the manual so close and the conf file too but im stuck… I think is about the ht****ss file but I cant find anything else in D***** home folder…
Type your comment> @EDEWAN said:
Type your comment> @th3g3ntleman said:
Type your comment> @EDEWAN said:
Ok I found ~d**** directory… Reading manual and config file I guess that a I need to find more files inside this dir that I cant see but exists… Any hint?
@EDEWAN You need to look into man page and conf page closely and see what else can you ls . There is a folder inside the home folder which you as a web server have permission to. You need to find that
I read all the manual so close and the conf file too but im stuck… I think is about the ht****ss file but I cant find anything else in D***** home folder…
Ok. finally I got it… I think its because I didnt understand well the meaning of the public homedirs… I was stuck trying it throught the web that public homedir instead command line…
Type your comment> @RawDawgPAWG said:
Anyone know why my $$$ keys arent working. Is there something else I need to do to get them to work?
try copying the priv key to your system then
ssh -i /root/priv_key *****@
@pwonedLegate said:
Type your comment> @RawDawgPAWG said:Anyone know why my $$$ keys arent working. Is there something else I need to do to get them to work?
try copying the priv key to your system then
ssh -i /root/priv_key *****@
Type your comment> @DiamondBlitz said:
Hey, can someone help me. I got to the initial reverse shell but i’m having trouble with user.
Start with LunixEnum.sh once on the box
Type your comment> @ReT said:
i cant crack the hash found in .h*****s . john wont even attempt to crack it.
base64 it, then base64 -d, then ssh2john then john if ssh key