That exploit that tries to print /etc/passwd could be modified a bit to instead find usernames. You could also look into kernel_router exploits, some of which can give information from a specific device, or some give a shell on the router which you could then use to pivot to other devices on the network by attacking ports that aren't forwarded.

Thanks -- I think I figured out that particular one -- it was an http exploit that logged in with a user --

Most of these are non-root users that I'm logging in with, and when I try to delete trace from System.log, I'm always denied permission.

Am I missing something in how to change permissions?

At least I've made enough cash to upgrade my rig and am not constantly running out of space anymore, haha.

I think I've progressed to the "second" mission where I received an email saying to check into a machine.

I was able to log into it but was only able to obtain a chat log about someone's suspected drug use, and suggested to log onto that person's computer (I have no clue how yet) and a PDF internet sales receipt with an IP address.

You generally need to escalate to root in order to modify the logs, easiest way to do that without local exploits is deciphering the passwd file and logging into root with `sudo -s`

Are there any tips for the "mission"? I guess it's a mission.

Received an unprompted email telling me to check out an IP.

I poked around and found a chat log in one user mentioning her son's drug use.

I got access to the root password.

I have no clue what to do next. Do I forward the chat log to the email sneder?

Originally posted by ecceben:

Are there any tips for the "mission"? I guess it's a mission.

Received an unprompted email telling me to check out an IP.

I poked around and found a chat log in one user mentioning her son's drug use.

I got access to the root password.

I have no clue what to do next. Do I forward the chat log to the email sneder?

Those types of missions require you to go over multiple networks. They also tend to be the hardest missions in the game. You've kinda gotta figure out where to go based on things on each device such as chat logs etc.

Cool, thanks for the advice.

The only thing in the chat log I found mentioned the "son's computer" but didn't list an IP address.

I assumed that meant I needed to use ScanLan and see what computers were connected to the router.

I got root access to the first IP, and then to the second IP, but there's nothing that I can find on the second IP to lead me someplace else.

I was in a third computer (I think) but couldn't access the network because it was Ethernet only. I gave up after that.

This is the initial email.

"Hello, I have heard about your skills and I have a certain personal interest in you taking a look at the computer that is on the 81.9.198.103 network on the LAN 192.168.0.2. You may find something that may interest you.

I prefer to remain anonymous, so please do not try to contact me."

I got root access to both the IP and LAN.

Originally posted by ecceben:

Cool, thanks for the advice.

The only thing in the chat log I found mentioned the "son's computer" but didn't list an IP address.

I assumed that meant I needed to use ScanLan and see what computers were connected to the router.

I got root access to the first IP, and then to the second IP, but there's nothing that I can find on the second IP to lead me someplace else.

I was in a third computer (I think) but couldn't access the network because it was Ethernet only. I gave up after that.

This is the initial email.

"Hello, I have heard about your skills and I have a certain personal interest in you taking a look at the computer that is on the 81.9.198.103 network on the LAN 192.168.0.2. You may find something that may interest you.

I prefer to remain anonymous, so please do not try to contact me."

I got root access to both the IP and LAN.

If this is multiplayer then sharing public ips like that is not a good idea, if it's not then that doesn't matter.

The email is meaningless though, there's a bunch of these types of missions. You are looking for an IP to continue the trail, the IP can be in a lot of places depending on the mission, things like chat logs and stuff will often either contain the ip or hint where to find it. Look in places where IP addresses tend to be.

Thanks -- I haven't done multiplayer yet.

I'm really stuck on the Funny Game exploit.

If a target has no open ports, I've managed to hack into the router, and even hack across to separate routers and get email addresses associated with the LAN target.

What address do I point the Funny Game to? When I try pointing to the target LAN, it says the IP must be public.

Like 80% of my missions now are closed port tasks.

Closed port of initial IP -- so I hack into router, run ScanLan.

I was on the subnet of the target LAN, like 10.0.1.1 and the target was 10.0.1.8. Still couldn't nmap or autohack the target LAN. Found email addresses on like 10.0.1.2, but couldn't figure out what to do after that.

Originally posted by ecceben:

Thanks -- I haven't done multiplayer yet.

I'm really stuck on the Funny Game exploit.

If a target has no open ports, I've managed to hack into the router, and even hack across to separate routers and get email addresses associated with the LAN target.

What address do I point the Funny Game to? When I try pointing to the target LAN, it says the IP must be public.

Like 80% of my missions now are closed port tasks.

Closed port of initial IP -- so I hack into router, run ScanLan.

I was on the subnet of the target LAN, like 10.0.1.1 and the target was 10.0.1.8. Still couldn't nmap or autohack the target LAN. Found email addresses on like 10.0.1.2, but couldn't figure out what to do after that.

https://steamcommunity.com/sharedfiles/filedetails/?id=2844216972

Thanks -- I wasn't realizing I had to point the target to my rented server. That worked, and I was able to get on through the reverse shell.

I must need a better mapping tool apparently.

I'm now on the targeted subnet with guest access to the subnet's router.

It has five computers .1, .2, .3, .4, .5.

I've nmaped every one and get nothing showing on any of those.

The only port open on the router .1 is 8080.

I tried running Browser.exe on .1, and got a this program can only be run on computers message.

Is there a specific tool to move laterally across a subnet? I've tried autolocal and localhack and nothing is giving me access to the subnet LAN. Eesh.

Originally posted by ecceben:

Thanks -- I wasn't realizing I had to point the target to my rented server. That worked, and I was able to get on through the reverse shell.

I must need a better mapping tool apparently.

I'm now on the targeted subnet with guest access to the subnet's router.

It has five computers .1, .2, .3, .4, .5.

I've nmaped every one and get nothing showing on any of those.

The only port open on the router .1 is 8080.

I tried running Browser.exe on .1, and got a this program can only be run on computers message.

Is there a specific tool to move laterally across a subnet? I've tried autolocal and localhack and nothing is giving me access to the subnet LAN. Eesh.

Routers always also have kernel_router, player made tools are varied and wide ranging. You're starting to reach the part of the game where you'll have to figure things out more on your own. Every network is different. Your issue is not your nmap though, computers don't always have services running, if you need a shell on those computers then rshell/funny game is the only way.

So there must be a way somehow to get a list of users on the subnet to send the rshell/funny game to. I've tried everything I can find online and in the hackshop. Only guest is on router, and all of the five subnet computers have no open ports, and no tool I've found can give me any level of access or print contents of any folder. I guess I'll just give up on this mission, haha.

There's one camera on the target subnet too, but no exploit in the hackshop or tool I have gets into 37777.

Gotten very familiar with the rshell and funny game now -- I can do most level 3 jobs no problem.

Still stuck on one of the automated missions and it's driving me crazy!

I was able to rshell into three IPs with the funny game, and found a new IP with each one.

The final IP there's nothing connected to it, but the only thing I found was a receipt saying something is "near" the location of an IP.

I pulled up the geo map of the IP but don't see anything around it. There's no chat logs, no files, no connected IPs, just a reference number and a single IP.

Any clues on what I"m supposed to be looking for? The original assignment email just said there may be something I'm interested in.