Carrier

User wasn't that difficult, same with initial shell. Looking for root now...

Tagged:
«13456717

Comments

  • edited September 22

    I just started poking at it, so I'm still enumerating and working on user. Is the serial number thing a dead end? Edit: It is not a dead end. Just had to enumerate more.

  • Still no root - given how quickly people have been dropping user, the escalation must be a nightmare.

  • can confirm, is a headache. the environment is obvious and pretty cool, but personally I do not know anything when it comes to stuff like this. I think the same goes for a lot of people on HtB, hence the lack of root.

  • @opt1kz said:
    I just started poking at it, so I'm still enumerating and working on user. Is the serial number thing a dead end? Edit: It is not a dead end. Just had to enumerate more.

    Thank you for this. I have been scratching my head for too many minutes.

  • @stonepresto said:
    can confirm, is a headache. the environment is obvious and pretty cool, but personally I do not know anything when it comes to stuff like this. I think the same goes for a lot of people on HtB, hence the lack of root.

    Pretty much this. After getting user and poking around/enumerating a bit, I have no idea where to even start. So many things to investigate and so many things that are probably rabbit holes...

  • edited September 23

    @opt1kz said:
    I just started poking at it, so I'm still enumerating and working on user. Is the serial number thing a dead end? Edit: It is not a dead end. Just had to enumerate more.

    Stuck at this point.

    Edit: Got it

    MrR3boot

  • Remember that snowscan is a troll, many dead ends after user.txt

  • edited September 23

    @opt1kz said:
    I just started poking at it, so I'm still enumerating and working on user. Is the serial number thing a dead end? Edit: It is not a dead end. Just had to enumerate more.

    still at this point

    EDIT: Got it :)

  • struggling to even get user. any help would be appreciated :) thanks

  • @taytay said:
    struggling to even get user. any help would be appreciated :) thanks

    did you find the doc? it seems we need to get default user/pwd from the chasiss but enumerating with common tools and wordlists didn't work out for me

    Hack The Box

  • @0xlc said:

    @taytay said:
    struggling to even get user. any help would be appreciated :) thanks

    did you find the doc? it seems we need to get default user/pwd from the chasiss but enumerating with common tools and wordlists didn't work out for me

    I have found a few documents yes, still not able to find any chassis that it refers to. i'll pm you.

  • @taytay said:

    @0xlc said:

    @taytay said:
    struggling to even get user. any help would be appreciated :) thanks

    did you find the doc? it seems we need to get default user/pwd from the chasiss but enumerating with common tools and wordlists didn't work out for me

    I have found a few documents yes, still not able to find any chassis that it refers to. i'll pm you.

    same boat

  • @ryz0rg said:

    @taytay said:

    @0xlc said:

    @taytay said:
    struggling to even get user. any help would be appreciated :) thanks

    did you find the doc? it seems we need to get default user/pwd from the chasiss but enumerating with common tools and wordlists didn't work out for me

    I have found a few documents yes, still not able to find any chassis that it refers to. i'll pm you.

    same boat

    join the club lol

  • Documents is the key for getting user. Back to basics. Start from port scan again but not only tcp.

  • @beginner2010 said:
    Documents is the key for getting user. Back to basics. Start from port scan again but not only tcp.

    ye just found it thanks

    Hack The Box

  • For anyone stuck on the initial foothold - remember that TCP isn't the only way to transmit data

    For anyone stuck on the Priv Esc - i'm in the same boat as you....

  • I have no idea where to go after getting access to the admin console

  • i got rce but no shell yet, i can just ping myself from the box haha

    Hack The Box

  • Got user. Time for some root.

  • getting user is not difficult.
    still no clue about privesc!

  • edited September 23

    Anyone else have/had trouble to get s******k working? Gives "Timeout: No response", command syntax should be correct.

  • @jreeves said:
    I have no idea where to go after getting access to the admin console

    Same. Frustrating. People are saying it is easy though. Think brain, think!

  • Weird. Because I am already root but i just can find user flag. PS.: I didnt privesc I am already root

    alacerda

  • edited September 24

    I like these themed/realistic challenges. Yey :+1:

    Hack The Box

  • @alacerda said:
    Weird. Because I am already root but i just can find user flag. PS.: I didnt privesc I am already root

    Probably because there are multiple challenges after that shell ?

  • I have RCE

  • Privesc was a pain in the ass. Here's a hint: on the web page pay attention at what you read even if it looks funny or silly at the first sight, maybe because it could be something useful later on ;)

  • I seem to be stuck on this already.. I only have the following.

    • Found the docs
    • Found 2 other ports

    Vex20k

  • edited September 24
    *Spoiler Removed - Arrexel*
  • edited September 24

    @sakyb said:
    Anyone one help me in user..
    I found doc folder and also got 161.. what to do after???

    enumerate port 161 Spoiler Removed - Arrexel

Sign In or Register to comment.