Writeup

Type your comment> @iQimpz said:

On the initial foothold I cannot get my exploit to work because I get the error:
ImportError: No module named termcolor

How do I get this to work?

If I specify python3 then I get a bunch more errors.

Edit: I downloaded termcolor and am using python2 but still getting a bunch of errors…

read the error and try to understand
try pip install termcolor

Finally rooted it, some rabit holes that drive me crazy

I’m just gonna leave this here for whomever needs this. Root was tougher than I expected on this box.

https://www.hackingarticles.in/linux-privilege-escalation-using-path-variable/

Rooted, ask help if u want. hints user : kali enum tools + cve ; root : pspy, look for paths

Any1 else have issues when executing the python exploit 46***? It will crash out when trying to crack the password or often display garbage results that I know to be bogus and simply just crash out at some stage. Some results diff depending on each time i run it. Using Parrot atm , but issues running it too on Kali. Anyone know the reason or encounted this problem?

Type your comment> @Pwn2D4 said:

Any1 else have issues when executing the python exploit 46***? It will crash out when trying to crack the password or often display garbage results that I know to be bogus and simply just crash out at some stage. Some results diff depending on each time i run it. Using Parrot atm , but issues running it too on Kali. Anyone know the reason or encounted this problem?

I wasn’t… PM me and tell what staff you are putting on .py…

Can someone PM me a hint, I found some pages, but I don’t think I found them all, as enum is prevented … I’m probably missing something obvious…

Finally got root! Was a nice learning experience ^^

Still looking for a hint, please, I’m stuck with a user, salt and pass that I can’t utilize properly apparently… help?!

I know this sounds silly but I did basic recon and I took note of services but I really can’t find an exploit … can I get help?

Type your comment> @userp419 said:

I know this sounds silly but I did basic recon and I took note of services but I really can’t find an exploit … can I get help?

There is Firefox plug in you have to install to determine the software find an exploit based on that software

Type your comment> @H3L1OS said:

Type your comment> @userp419 said:

I know this sounds silly but I did basic recon and I took note of services but I really can’t find an exploit … can I get help?

There is Firefox plug in you have to install to determine the software find an exploit based on that software

I just used nmap. But I’m looking for a metasploit module or a script for this particular versions, I can’t find anything. Yes I am noob :frowning:

Kudos for the creator of this box.

@userp419 said:
Type your comment> @H3L1OS said:

Type your comment> @userp419 said:

I know this sounds silly but I did basic recon and I took note of services but I really can’t find an exploit … can I get help?

There is Firefox plug in you have to install to determine the software find an exploit based on that software

I just used nmap. But I’m looking for a metasploit module or a script for this particular versions, I can’t find anything. Yes I am noob :frowning:

@H3L1OS comment is right. Try to determine the software, enumerate, then look for an exploit. You don’t even need a plugin in this case to check the technology that is being used.

@bipolarmorgan said:
Still looking for a hint, please, I’m stuck with a user, salt and pass that I can’t utilize properly apparently… help?!
Check the tool you used to get those pieces of information. It probably has an option that could help you.

Type your comment> @twypsy said:

Kudos for the creator of this box.

@bipolarmorgan said:
Still looking for a hint, please, I’m stuck with a user, salt and pass that I can’t utilize properly apparently… help?!
Check the tool you used to get those pieces of information. It probably has an option that could help you.

I believe i cracked the password, now where does it belong? EDIT: DUH, nevermind, I have user now… on to root. Any hints on pivoting or privesc?

First root!! I’m feeling really good about this one. Thanks to whomever left a copy of p****4 in the home folder. Really helped out. Thanks to everyone for all the hints in this thread!

Rooted! Feel free to DM me for info. Privesc can be a little frustrating if you are looking at the wrong thing.

ARGH - root is very difficult, I’m still pounding my head against a wall hours later, staring probably right past the answer. EDIT: Yup, I was staring at the answer for a while. Had to retry a couple times to get the method to work as well, DON’T GIVE UP!!

my first rooted box :slight_smile:
thanks for all the tips. And hi to whoever was chatting on wall yesterday ;D

Well, I watched and learned… p****4 was helpful and confusing at first. Root was harder than expected. PM me for hints. I should’ve thought to use wall to chat with other users on the box, seems stepping on toes was an easy task, it’s like we were fighting to take root.

6hrs of banging my head against a wall and countless hours of research and reading I still cant figure this out, especially when my script errors out.