Irked

1181921232429

Comments

  • edited January 2019

    Getting the the initial user manually is so much better than using metasploit. I am trying not to use MSF since I took my OSCP and ...failed. That's okay. I got it it next time....so close. That is a really hard test...people are not lying. PM if you want to know how to get user manually. It might take me a day to respond depending on your TZ.

    Huejash0le

  • OMFG! been on this for a week! what are you supposed to do with that damn S*** FILE!!!!!!???? >:O

  • Rooted! Thankyou @MrAgent for this box, I learn a lot about the priv esc part!

    For anyone who need help, feel free to PM me ;)

    Hack The Box

  • @env said:
    Rooted! Thankyou @MrAgent for this box, I learn a lot about the priv esc part!

    For anyone who need help, feel free to PM me ;)

    Glad you liked it.

    Hack The Box

  • Anyone give me a push on how to solve the stego? I gave up and just went for root.

    Also curious as when trying to use a generic payload my shell will open and close the second I give a single command but meterpreter shell works

  • Root is ez pz once you figure out what's going on. My advice is to poke and prod at the binary that you think is suspect (throw it some commands, etc.). Take the time to read the output it produces and examine its behavior! I had a eureka moment once I realized what was going on.

  • @rickybobby46 said:
    so I got the .b***** and used steg and got something like *****:** I have no clue what to do with that though...

    I also have no clue what to do with abusing S.. I can't seem to find anything even with enumeration.. im using something like f / **** 2**** (obviously didnt include most of that command) to enumerate.

    Any help would be appreciated.

    Hi bro,I am struggling in Steg ,have no idea to use any tools, just google it ,May I get some hints >.<

  • Stego tool should be used with password.
    Find stego password first and then use popular stego tool.

    tabacci

  • Got user finally had it a day prior...? It is what it is....

  • So I when performing nmaps I found a certain port open. This was http and lead to a directory site where I found a user file. This went down and is now a closed port. Is this just what someone else was doing?

  • hkmhkm
    edited February 2019

    at low priv shell but stuck on b**** file. any hints on the passphrase?

  • There are plenty of hints in this thread that will definitely help get root on this box.

    Hack The Box

  • got the root.txt, but not sure it is the intended way to get that. Could anyone pm me for any intended and unintended way to solve the root part. Many thanks.

  • I am attacking a binary that I can think I can leverage to read root for me, though i've thrown 15+ commands at it and it's not playing ball. Hints much appreciated. Don't want to print binary name here but will in PM, even masked I think it would be a give away.

    ipbsec

  • Finally got my root shell on this. I've learned a few valuable lessons from this box, it's all about enumeration, enumeration, enumeration. Subtle hints available by DM if you are stuck.

    ipbsec

  • i'm having trouble on root. while other said its basic. as someone new to linux its kind hard to notice the different.

    while there is some file I suspect as the binary file. I can not make it work. googling does seem do much or maybe I'm not using the correct word.

    I know I need to run some binary in SUID. any help would be appreciate

  • Finally r00ted! Nice journey, especially user part! For the root enumerate and find the S*** files which give you question in your mind! Execute and see the output.

  • @dmknght said:
    Rooted. Very interesting Priv Esc method. I can't believe i executed it and i missed it in the first time. This machine can be completed under 3 minutes.

    I did the same thing

  • edited February 2019

    Rooted, got the user.txt following root. This is probably the most ctf like box I have ever done. Can someone let me know what tool I was meant to use on the user file to reveal its contents?

    Also hint for root, contrary to a lot of people here I wasn't abled to just execute a binary and have instant root (could be people not resetting on free server). I was able to execute commands as root by modifying the right file. Easiest way to find is to think how you would locate all files that have different/abnormal permissions. Hope that's not too spoilery!

  • is this instant root thing supposed to be happened? since I tried it yesterday it doesn't give me instant root. please PM me . I'm new to this but I want to learn how this works

  • @Epictetus said:
    Rooted, got the user.txt following root. This is probably the most ctf like box I have ever done. Can someone let me know what tool I was meant to use on the user file to reveal its contents?

    Also hint for root, contrary to a lot of people here I wasn't abled to just execute a binary and have instant root (could be people not resetting on free server). I was able to execute commands as root by modifying the right file. Easiest way to find is to think how you would locate all files that have different/abnormal permissions. Hope that's not too spoilery!

    have you tried frolic yet? That is also a CTF like box.

    Huejash0le

  • OK, this was my first box after playing around on the retired boxes for a few days. It took me approx 4 days (on and off) to get both user and root. So much was learnt and I'm not sure how much of it I would have done without the hints from you folk, so thank you.

    I will say that some people need to be careful just how much of a 'hint' they offer publicly. Some were a little too close to being a spoiler.

    However, with that said, I thoroughly enjoyed the learning curve and look forward to many more sleepless nights.

  • You guys need to stop abusing the rest button and give people chance to root the machine , ive spent hours trying to enumerate with a low shell. Please can you stop the madness already !!!!

  • I got root. This is my first box hacked. Is there a "flag" I'm supposed to get? What does it look like? What do I do with it once I get it?

  • Found the P****.txt after doing the stego step but not sure what to do with this.
    can someone pm me ?

  • hey its Hank

    Can someone give me a nudge regarding the S**D thing please? I'm a total N00b, but have got user, and feel I'm so close to my first root....

    fellas?

  • @l30n said:

    @Epictetus said:
    Rooted, got the user.txt following root. This is probably the most ctf like box I have ever done. Can someone let me know what tool I was meant to use on the user file to reveal its contents?

    Also hint for root, contrary to a lot of people here I wasn't abled to just execute a binary and have instant root (could be people not resetting on free server). I was able to execute commands as root by modifying the right file. Easiest way to find is to think how you would locate all files that have different/abnormal permissions. Hope that's not too spoilery!

    have you tried frolic yet? That is also a CTF like box.

    I haven't working my way through help currently! I'm looking more to do real-life style machines, had a look at conceal but reckon that machine will need a good weekend of work to get even close to user haha!

  • edited February 2019

    Can someone please PM me about root privesc!
    Found the file but no idea how to exploit it!

    EDITED: Got r00t!

  • @xeNx9 said:
    Can someone please PM me about root privesc!
    Found the file but no idea how to exploit it!

    which file? I'm still stuck on this bit..PM me pls...

    Hank

  • Managed to root the box. Was frustrating since after reading some of the comments in the forum while I was struggling to get the user, made it very easy to get root.

    User was not so easy for me (rookie) and it was a lot of fun to get there!

    The tip from @AzAxIaL totally made it for me! Especially the "full port scans".

    Thank you mate.

    @AzAxIaL said:
    Finally rooted. Big thanks to @sx02089 and @OldManWinter for the hints.
    A good box to learn about really paying attention to results of scans and enumeration scripts.
    My tips for those having difficulties.

    Initial access: full port scans are necessary, services found will give hints of possible ways in.

    User: if you found the .b****p file, Google the full term for s***, think about a file you found during you initial scans and enumeration that would work with it, and consider how you can use the other information in .b****p to gain access.

    Root: As most people have said, enumerate and look very carefully at the results. For those who are not familiar with binaries that are included in a Linux installation, it may take some time to find what you need. Anything that looks unfamiliar, Google it. Worst case, you learn about an existing binary. Anything that is new is worth a look.

    PM me if you need any more hints.

Sign In to comment.