Carrier


Comments

  • damn finally rooted, that took me some time lol. Thanks @limbernie and @DaChef for their time helping me out.

    I'm a brave warrior of the sea and I have 8000 followers!

  • Can someone help me with the privesc? I have read the whole forum and I am still working on it. Thanks in advance.

    Hack The Box

  • Just got a reverse shell and I'm in the host, but can't figure out how to own the system... if someone can PM me directly, I'd appreciate it.

  • Can anyone give me a hint on trying to get user? I'm in the admin console and what next?

  • edited December 2018

    I think I need some help on what important information I should look for.
    Once you get to that /de*** page, what is actually important to note there,
    to use something like sear******** afterwards?
    Feels like there can be a reverse shell, but I can't quite put my finger on it.

  • zhazhazha

    I'm a brave warrior of the sea and I have 8000 followers!

  • I have no idea how to approach this. I have tried the spw***k and spc***k and I am not getting any info. Someone please PM me and give me a nudge or references. Thanks in advance.

  • edited December 2018

    Privesc is killing me... tried so many different approaches and nothing so far.
    What I'm trying to do is adv the network that has an issue and listen with t*****p.
    I can see the b** routes being advertised but nothing else interesting.
    Might need to change my game plan.

    Can anyone help me?

  • edited December 2018

    Found the SN#*********, then managed to connect to the webserver, but I don't really know what to do next. Any hint? Am I supposed to find an uploader?

    thx

    EDIT: Got user, no uploader needed for this. It's called Remote Code Execution, so try to find user entry and exploit it.

  • @agentsky said:
    Already logged in to the website. The problem now is where to go... some hint would be good...
    BTW: reading the Tickets, do I need to check on those IPs?

    Hey agentsky, how did you log in to the web application? I have the chassis key and I have tried it with different usernames. Do I need to enumerate more?

  • rooted! that was hard for me!
    very cool box

    TheJ0k3r

  • edited December 2018

    Managed to read the user flag before I even spawned a shell. However, it confirmed my methodology was right for getting a shell. Now working towards root. Great box; learning a lot.

    tiger5tyle

  • Hey guys. Is the machine broken or something?
    I'm trying to log in to the Lyghtspeed page using the username found in the doc and S************3 as passwd but it keeps failing with Invalid username/password. Tried resetting the box but the problem persisted. Am I going on the wrong track?

  • @salamander said:
    Hey guys. Is the machine broken or something?
    I'm trying to log in to the Lyghtspeed page using the username found in the doc and S************3 as passwd but it keeps failing with Invalid username/password. Tried resetting the box but the problem persisted. Am I going on the wrong track?

    The first three characters aren't part of the pw.

  • Hi guys!

    First things first, merry Christmas and hacky new year!

    I'm working to get the root flag. I've studied the environment and the technologies that are being used. I'm learning a lot with this box. Thanks @snowscan <3

    I think that I'm almost there but something isn't working properly and needs some fine-tuning.

    Could somebody help me to finish the box? (PM)
    =)

  • Finally got root. Was able to learn a lot with this machine with a particular protocol that was unknown to me, at least until now. Thanks @limbernie

  • I have no idea how to start with this machine. PM me any hint; -sU result not helpful yet ;)

  • @limbernie said:

    @HopeHasAPlace said:
    Hey guys, so I did snmp_login from Metasploit and I see it says successful.
    But when I do snmp_enum everything shows up blank like this:

    [+] 10.10.10.105, Connected.

    [*] System information:

    Host IP : 10.10.10.105
    Hostname : -
    Description : -
    Contact : -
    Location : -
    Uptime snmp : -
    Uptime system : -
    System date : -

    [*] Scanned 1 of 1 hosts (100% complete)
    [*] Auxiliary module execution completed

    Any reason why I am getting this error?

    How do I install spwk on Parrot OS? It has only s********k. I searched on Google, but I did not find anything about it.

    Use s**pw**k my friend, to walk the entire MIB hierarchy starting from the root. I leave it to you to figure out how to do that.

  • I wish all of you guys a Hacky New Year!
    I rarely deal with active machines, rather with retired ones and challenges.
    This may change in 2019.

  • I have been using the Qu**** vt*** tool to make configuration changes and using tc***** to monitor traffic but I am not seeing any changes in traffic and my configuration changes seem to revert after a short period of time. Does the system automatically reset configurations after a period of time? Should I be able to see traffic differences after altering configuration?

  • @frankg said:
    I have been using the Qu**** vt*** tool to make configuration changes and using tc***** to monitor traffic but I am not seeing any changes in traffic and my configuration changes seem to revert after a short period of time. Does the system automatically reset configurations after a period of time? Should I be able to see traffic differences after altering configuration?

    There's a cronjob which reverts the config. If you make the right change, you should see something.

  • I have the password of the services in the privilege escalation, but when I used it, the password was incorrect. What is happening here?

    Hack The Box

  • @deviate said:

    @salamander said:
    Hey guys. Is the machine broken or something?
    I'm trying to log in to the Lyghtspeed page using the username found in the doc and S************3 as passwd but it keeps failing with Invalid username/password. Tried resetting the box but the problem persisted. Am I going on the wrong track?

    The first three characters aren't part of the pw.

    Super thanks, to think I had the cred all this while.

  • I have the user.txt and I think I am quite a good way into root. Is anyone available to PM and discuss if I am on the right track, as I have been at this a few days and I really want to see this one through. Great machine by the way.

  • any help with root please?

    CarterJ

  • GDXGDX
    edited January 2019

    So, I'm gonna leave my own two cents here:
    First of all this is really a nice box, user is rather easy and only requires some enumeration in the right places. Don't focus only on HTTP for information.
    Root is a bit harder if you aren't familiar with the concepts & services/protocols behind it, but in the end it's quite logical and pretty simple once you've read up on the topic and tried around a bit. (Also thanks @jkr for his help with root here)

    If you need some help with this box (user or root), feel free to PM me for hints and also explanations, so you don't end up with the flag but don't really understand how everything worked in the end.

    Also thanks to @snowscan for providing us a possibility to get to know this kind of attack and actually execute it ourselves once, too.

  • edited January 2019

    Finally got root. If you are not one of the networking guys it could be painful.... In this forum there are a lot of good hints; if you put them together, you can get root. Try not to over-complicate things, you only need to change one simple thing in one of the configuration files. On a free server it could be really tough and time consuming to achieve your goals because of the constant resets and edits.

    Thanks @snowscan, this machine reminds me of one of the hardest machines in the OSCP course..... It taught me new things and I need to learn basic network stuff.....

  • edited January 2019

    The user was really easy. That said I am enjoying the root part a lot.

    I am fairly sure I am nearing the end but my t****mp is not doing anything on any interface. Any hints towards that?

    And yes the free box resets a lot, it is quite annoying, but can live with it. :)

    Possibly I need to change some rules in ip*****?

    Maglok

  • Rooted!

    This is by far my favorite box. Very complete in all aspects. Thanks to @snowscan for creating such an amazing and enjoyable box. <3

    Also thanks @GDX and @aquira for your support!

    If anybody gets stuck, feel free to PM me, you are welcome.
    =)

  • Rooted! What a rush. This was awesome. I learned sooo much. Took me a few days and some help (thanks @d4rkk and @GDX ).

    Such an awesome box @snowcan ! Wooo!

    Maglok
