Posts

Showing posts from August, 2018

[Hack The Box] Lame Write-up

I feel wonderful after solving this box with some hints from a good friend (MinhTrietPT) because my method is different from the one in the official write-up from Hack The Box. I have to say that I was stuck on this box for 2 weeks. Yeah, now you know how I'm feeling. As someone says: "enjoy the journey, not the destination." This is very true for me. So, let's get started! First, we use nmap to scan the target: I felt that I needed to dig deeper into port 3632, so I kept using nmap: Hmm, we have CVE-2004-2687. After googling, we should know which exploit we can use: Wow, we have the shell, but...but... with the daemon user, we cannot read the flag files. We have to learn about Linux Privilege Escalation here. Using this command for enumeration: " find / -perm -g=s -o -perm -4000 ! -type l -maxdepth 3 -exec ls -ld {} \; 2>/dev/null ", this is what we can find: Do you see nmap? Do you see what permissions nmap has? Let's use this co

[Monthly review] July 2018

I would like to start the monthly review to keep track of my journey into Cybersecurity and Pentesting. I think the most important things I did last month (July 2018) were starting to practice on Hack The Box and joining the local Pwn School meetup. There are some things I like and dislike about Hack The Box. At the beginning, I chose Hack The Box over Vulnhub because Hack The Box lists all of its labs/machines along with their difficulty level. That helps me a lot as a beginner in Pentesting, and I decided to hack all of its Easy labs first. I already finished Legacy and Blue, and am stuck at Lame because I can't escalate my privilege from the daemon user to the root user. Now, I'm reading about Linux Escalation to overcome this obstacle. I also read the write-up and realized they used another vulnerability to hack this box. But I want to learn and challenge myself, so now I'm stopping at Lame. However, Hack The Box's labs are not always available. So, I'm thinking about switching to