SecNotes

18910111214»

Comments

  • edited January 2019

    Got user, I have found a way to get root but can't see any file. Can someone PM me to check if I am on the wrong path ? Thanks !
    EDIT: Got root, learned a lot, thanks to @clmtn and to @0xdf for the box !

    Hack The Box

  • Rooted
    New things, nice box :+1:

  • Cool box, was able to learn few things, got user and root.
    Let me know if you guys have questions.

  • all day on this box, and finally got root, and root.txt. Thanks for hints @xterminal01 and @clmtn

  • Got root. It take me all the day :D
    I struggled most of the time with the first foot hold which was new concept to me.
    I'd to thank @anina for the tips.

  • I have got user on this box. But could not find a way to get root. Can someone give me some hints on privilege escalation?

  • Just pwned the system. That was quite cool and I learned a bunch, mainly about win 10 'features' :) Great box!

    Maglok

  • @xoxoxo said:
    I have got user on this box. But could not find a way to get root. Can someone give me some hints on privilege escalation?

    Look for something that should not be on the Windows machine, but on the some other OS l.. :)

  • Can someone help me with shell i get Something went wrong. Please try again later.

    B0rN2R00T

  • I have found some has*** from inital foothold. Do i need to brute force with has****. I tried it for all the user but un successfull.

    am i in right path? please guide

  • Type your comment> @Underworld said:

    Rooted.

    My feedback for areas I got stuck on (aside of my OVPN client not working and me thinking it was a flaky shell):

    I got stuck on some injection right at the beginning. I sat down and wrote down what I thought was the query being executed, then wrote into that what I would do to bypass it. Copied and pasted and that worked.

    Spin through Wikipedia's page on new features to Windows 10. There are some really weird looking directories and files on the box. It should ring some bells when you see it in the Windows 10 feature listing.

    When you know what you are looking for GO FIND IT.

    At this point, start enumerating like you would do a new box.

    Good luck!

    Hey there,

    I'm trying the injection route to eventually get to an initial foothold, and I did notice something after submitting a new note i.e. how the entry gets referenced to an id and ends with ". I looked online to see what that could be, either it's a commenting out thing or something tied to php. Would you be able to provide any hints? I think I'm getting somewhere.

  • @darkrealm12 said:

    Hey there,

    I'm trying the injection route to eventually get to an initial foothold, and I did notice something after submitting a new note i.e. how the entry gets referenced to an id and ends with ". I looked online to see what that could be, either it's a commenting out thing or something tied to php. Would you be able to provide any hints? I think I'm getting somewhere.

    This box retired quite some time ago. You might find it easier to look through one of the write ups to find a solution (there are a lot of write ups).

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

Sign In to comment.