RatLabs
🐀 0 pts earned

Retrogate

Cleartext credentials over a legacy protocol — some habits never die. Authenticate through the old gateway, find what the sysadmin left behind, and walk the classic escalation path to root.

Machine may be having trouble (checked 7m ago)
Target IP Log in to reveal
User Flag Pending
Root Flag Pending

Premium

Walkthrough, Tips and Tricks

Walkthrough

Discover Telnet exposure and test recovered or guessed credentials for access. Enumerate user environment, credential stores, and shell history for escalation clues. Identify insecure SUID binaries and validate exploitability in this environment. Use a safe escalation path to root and collect the final proof.

Tips and Tricks

Legacy services often reuse weak credentials from nearby systems. Check shell history and local scripts early. Verify SUID behavior carefully before invoking payloads.

Community

Community Walkthroughs

No community walkthroughs yet — be the first!

Log in to submit your own walkthrough.