Irked

2456729

Comments

  • edited November 2018

    I've used a privesc on a specific red file on a different machine, but can't seem to get it to work now. The version matches and I have gone through a few permutations, so I want to move on, but it haunts me. If someone can under stand this vague (four obvious reasons) question, please let me know if I should keep banging my head against this particular wall.

    Edit: got root. If anyone is wondering, definitely not via the thing I was referring to, but still a red file.

  • rooted, i really liked the box, it was not as easy as jerry but still very fun. Thanks to the creator

  • edited November 2018

    good to have some times a easy box to just roll with it with out having to bang your head against the wall for hours or days :D going to vote pro because is a inux box. <3

    ReK2

  • got root...pm for hints...

  • Got root. The priv escalation was a rabbit hole. Obvious once one practices the fundamentals.

  • need initial foothold for this machine

    banteng999

  • Got a shell, can see the file I want to read. However, every command I know to read a file in a terminal returns no output and seems to kill my shell.. it doesnt disconnect just becomes unresponsive
  • edited November 2018

    i know what exploit to use , i see what port i need to introduction in msfconsole i discovered with nmap , i see is open ....but shell don't work ,wtf ?

  • it was working earlier with no issues, everyone waking up breaking box :p , did get the shell again after reset when i was having issues too

    illwilll
    OSCP

  • Have a low priv shell, digging through the rabbit hole... have the first hint. But totally stuck

  • @illwill after reset exploit is working ....maybe more reset take over the box

  • rooted ! thanks @marine
    but I don't really understand what was happening there
    is it really that easy ?
    If someone rooted the box and wants to discuss the solution pm me
    pm for hints

  • I hate CTF like boxes.
    The only thing that I liked about it is that you can actually get root without getting user.txt, and root is pretty easy.

    Hack The Box

    OSCE | OSCP | CRTE | GPEN | eCPTX | CREST CRT | GDAT | eCPPTv2 | GWAPT | OSWP | ECSA (Practical)

  • edited November 2018

    My tips:

    For initial foothold:
    You need to follow the obvious hint that is given to you. Make sure that your nmap scan is not missing something. After that, a little bit of research (basically a google search) will grant you a shell. For user.txt, just spend a few minutes enumerating the system and you will find something useful in order to log in as a proper user.

    Priv esc:
    Piece of cake, basic Linux priv esc method. Once you find something interesting, see what it is trying to do and exploit it to get the root shell.

    Good luck!

  • i think i'm overthinking privesc. just can't get it done. meh, maybe later

  • edited November 2018

    Finally rooted. I just needed to step away and come back with a fresh set of eyes was all. Yup, don't overthink the priv escalation on this box and look for the low hanging fruit. I searched and saw it not long after I got user, but didn't take time to read. Had I slowed down I would have noticed something that hadn't looked familiar. Good luck to those still hacking away--just keep it simple.

    OzzY

  • got it. thanks @T3jv1l for making me realize that my find command was wrong (and has been so for weeks, that explains why i had such a hard time lately, lol)

  • edited November 2018

    I have a low level shell, a bit lost on where to priv esc from here. Have found user.txt but no permission, would appreciate a gentle push in the right direction!

    EDIT: Got user, that was super fun (thanks for your hints). Time to look more into priv esc now.

    EDIT2: Got root. That was a bit harder than expected only because i'm not too familar with the standard linux files. Still learnt a lot though. If anyone is proper struggling I can nudge you in the right direction, just PM me.

  • Look at the files you have access to. One of those will give you a hint. You will probably overthink and disregard that hint. Ask me how I know... xD

    --Skunkfoot

  • Got it! I want to thank to everybody who has helped me. It is a nice box, a little bit unrealistic on the privesc part, but OK.

  • Guys, I am not so experienced. I got till the phase of setting up a reverse cell, but no responses :( any clues ?

  • @dimhatzi maybe take a closer look at the port you're using to make sure it's the right one for that exploit.

    OzzY

  • @OzzY said:
    @dimhatzi maybe take a closer look at the port you're using to make sure it's the right one for that exploit.

    I tried it on several of the ports and they all worked :)

    --Skunkfoot

  • edited November 2018

    User:
    Just enumerate well and google about common vulns for the infos you find. Actually, there is an obvius hint that should lead you pretty quick to a shell.
    Than just look at the juicy files you tipically cannot read in a CTF and you will escalate to user quickly.
    Actually I think is not needed to get the user that has access to user.txt in order to get root - so you can try to enumerate more and directly root the box.

    Root:
    Standard enumeration, nothing hard, keep things simple, just make sure to CHECK two times your privesc commands to see something strange! Maybe double check these commands with the same commands outputs you have in your attacker machine to spot on something strange.

  • Thanks for this box! Great replacement for Jerry

    tobor
    Gods make rules. They don't follow them

  • Got root pretty simple, if someone need a hint, just PM me!

    Ozunu

  • Rooted this box. If anyone need a hint feel free to PM me :)

    Baikuya
    OSCP

  • @OzzY said:
    Finally rooted. I just needed to step away and come back with a fresh set of eyes was all. Yup, don't overthink the priv escalation on this box and look for the low hanging fruit. I searched and saw it not long after I got user, but didn't take time to read. Had I slowed down I would have noticed something that hadn't looked familiar. Good luck to those still hacking away--just keep it simple.

    Same boat. Chased some rabbits but, in the end, it was very simple.

  • feeling a moron atm, i know should be easy to understand this b***** file, but i just cant get it

Sign In to comment.