kotarak

I can see the vuln, but all my reverse scripts both default in kali and msfvenom created aint working

Tagged:
«13

Comments

  • no one on this? no comments for a long time......

  • I am here as well. Trying to get info on the file that gets run.

    x0xxin

  • i like kotarak ... priv esc ...trick .... ;)

    Agent22

  • Everytime I think i'm close, I realize that I'm further away :-) This is a tricky box!

    x0xxin

  • @x0xxin said:
    Everytime I think i'm close, I realize that I'm further away :-) This is a tricky box!

    Finally got it with some nudges. Wow, that was a brainfuck.

    x0xxin

  • edited November 2017

    @x0xxin nudges..any nudge?

    i also noticed kotarak and haircut(retired machine) seem same

  • if you're n00b like me, I suggest you stay off this machine, if you're stubborn like me and like to bleed, then carry on, put your life on hold. With some nudges I got root after 4 intense days on this box.

    A113n

  • when you are sysadmin, you like to read some specific files....from that...search an exploit.

    peek

  • i got native meterpreter, any hint on how to proceed?

  • @paciock said:
    i got native meterpreter, any hint on how to proceed?

    take a look on user's directory ll find something interesting ... ;)

    Agent22

  • @Agent22 said:

    @paciock said:
    i got native meterpreter, any hint on how to proceed?

    take a look on user's directory ll find something interesting ... ;)

    i found something but i think is not working or i am using 'em in the wrong place

  • ok, i was wrong, the place was right :)

  • better use nc than meterpreter

    peek

  • Any nudge on initial shell? I believe I found the vuln. just trying to call my shell. PM please?

  • what else can you do, can you look 'inside' the machine instead of focusing on getting a shell (assuming you're not in any portal etc.)

    A113n

  • The priv esc side is doing my head in... It was all making sense till I hit a brick wall...

    blobbo

  • @paciock Any nudges using those credentials? I feel like I've used them everywhere possible without success.

  • @mrpotato said:
    @paciock Any nudges using those credentials? I feel like I've used them everywhere possible without success.

    sent pm

  • edited December 2017

    finally....

    Finished this with lot of blood shed. @A113n
    Blood Blood Blood. Lot of Blood Shed !

    Hack The Box

  • Hi people. I have been hitting this machine with everything i can think of. I have found which ports are opened and dirbusted them THOROUGHLY. I see that certain http-methods are allowed and i have tried to exploit them with no success. I have tried to bruteforce the to***t login as well with no success. I have also tried to exploit the "Private Browser"-form and have gotten access to /server-status, but nothing else.
    Can anyone give me a nudge in the right direction? Any hint is appriciated.

  • I know user password for windows. But I dont know how to use it. Can you give me hint, please.

  • @b1zsv9 said:
    I know user password for windows. But I dont know how to use it. Can you give me hint, please.

    maybe Kotarak is not a window machine ... u need to switch user with a password ..

    Agent22

  • @MrWest3r said:
    Hi people. I have been hitting this machine with everything i can think of. I have found which ports are opened and dirbusted them THOROUGHLY. I see that certain http-methods are allowed and i have tried to exploit them with no success. I have tried to bruteforce the to***t login as well with no success. I have also tried to exploit the "Private Browser"-form and have gotten access to /server-status, but nothing else.
    Can anyone give me a nudge in the right direction? Any hint is appriciated.

    If you've seen the status, you have the answer.

    likwidsec

  • edited January 2018

    Del

  • Can anyone PM a hint on priv esc to root?

  • any help after getting user?

  • Help needed here, got three different .pXX files on port 6XXXXX, got several .xXX files on port 8XXX, found the tetris game... but still no clue on how to get the initial shell.

  • @txalin said:
    Help needed here, got three different .pXX files on port 6XXXXX, got several .xXX files on port 8XXX, found the tetris game... but still no clue on how to get the initial shell.

    if u got tetris there is something more ..

  • @ronny said:

    @txalin said:
    Help needed here, got three different .pXX files on port 6XXXXX, got several .xXX files on port 8XXX, found the tetris game... but still no clue on how to get the initial shell.

    if u got tetris there is something more ..

    Thx, i'm already inside and trying to esc to root, and as always.... stuck again :cold_sweat:

  • @txalin said:

    @ronny said:

    @txalin said:
    Help needed here, got three different .pXX files on port 6XXXXX, got several .xXX files on port 8XXX, found the tetris game... but still no clue on how to get the initial shell.

    if u got tetris there is something more ..

    Thx, i'm already inside and trying to esc to root, and as always.... stuck again :cold_sweat:

    same here!

Sign In to comment.