Writeup

Type your comment> @Cyb3r3x3r said:

I tried the exploit related to cms to get the creds but after decrypting the hash it doesn’t work on the login at w******/a****. Any Hint?

If you decrypt the salt and hash properly using rockyou, you will get the password. If its not working at the link u provided, see where else you can use the creds.

Type your comment> @hansraj47 said:

Type your comment> @Cyb3r3x3r said:

I tried the exploit related to cms to get the creds but after decrypting the hash it doesn’t work on the login at w******/a****. Any Hint?

If you decrypt the salt and hash properly using rockyou, you will get the password. If its not working at the link u provided, see where else you can use the creds.

yep i got that…thank you

Really struggling to get root, would appreciate a nudge via PM. Thanks

guys i did port scan and http port is closed for me and all of you talk about hints in web pages so i wonder what is the issue. in TCP i see ssh open only and udp scan is in progress. PM plz

http is open normally - at least it was for me. Box may need a reset.

ok the the writeup box is not active on VIP beta , dont know if admin knows about it.

Finally it’s done…

Rooted pm me for help.

Hi,

I’m still trying to get user. I want to use an exploit but when i run it i’ve got : ImportError: No module named termcolor

Can you guy tell me if i’m on the right path? Is is supposed to be the right exploit?

a little help would be appreciated. thx.

ps: i know it’s a module to install, i want to know is you have that at the beginning of your script.

Wow, I spent ages on the correct vector before moving on. I came back to and realized I just had my code wrong… shameful!
My hint for root:
After following the earlier advice in this forum and listening when another connection is made - the obvious route is the right one.
Notice that you are given specific info in regards to where root executes from.
Otherwise feel free to pm, I check messages at least once a day.

Stucked with the exploit and the TIME variable…can’t figure out what the correct value.

:frowning:

i am stuck in root, i have used pspy as everyone has said, and i have been in and out constantly but i can’t find anything, please send me hints by pm.

ROOTED! In that box I saw how bad I am in Linux privesc …

Thanks @Alexgot and @RawrRadioMouse for the help!

If anyone need hints ping me any time

Got the salt pwd, usr name, password and mail. Please pm to proceed further. Tried few things using hashcat but no luck. Thanks in advance for your help :slight_smile:

Hey all - I’ve got user on this machine pretty easily, but stuck on root now. I am running pspy and have tried a few things, but nothing jumps out at me.

Is there something specific to look for in pspy?

rooted, bit thanks to @Alexgot for the nudge when I was feeling blind and crazy!

Type your comment> @Cyb3r3x3r said:

I tried the exploit related to cms to get the creds but after decrypting the hash it doesn’t work on the login at w******/a****. Any Hint?

Same here

@rideit said:
Got the salt pwd, usr name, password and mail. Please pm to proceed further. Tried few things using hashcat but no luck. Thanks in advance for your help :slight_smile:

same here

got user level flag , heading towards root :blush: