Irked

12325272829

Comments

  • Got root. nice box. Not so sure about what exactly the file does but i'm working on it.

  • Any help with this box i have exploited the service !! but no clues what to do next . someone please help me .

    Hack The Box
    If i helped you and tried to explained you! just give me a respect. click on the img to get my profile link.!
    Profile : https://www.hackthebox.eu/home/users/profile/17564

  • anyone here to help me with irked?
    i enumerated r******d service. used the necessary exploit but stuck with image.

  • Rooted this box.
    For folks who haven't , don't overlook enumeration. Important information is hidden in plain-sight.

  • For remote access, I used metasploit module.
    Anyone got remote access without metasploit ? If yes, please ping me.

  • This is the most ironic box ever. I spent longer on this box than others even though the methodology for rooting other boxes is much more difficult.

    I believe the name 'Irked' is supposed to come from the idea that there are some proc names that look like they should be ideal targets for priv esc, then you run the script and it just dies.

    Then after hours of enumeration I just ran one line and got root.

    If anyone is having trouble getting root I'm sure you can get it after reading this! Stop looking at hard stuff and imagine it being as easy as the remote exp you used to get shell.

  • ROOTED !!

    PM for hints

  • Rooted!

    Real learning experience on how handling your enumeration.

    Feel free to PM me for hints!

  • finally rooted! still not managed to esc priv to root mind, but ill come back to it, absolutely done my head in this... learned a lot though!...

    Hack The Box

  • Please send me any hint about this file with stegano, is it konami code? if yes where to pass it?

    If you appreciate my help, please give +1 respect :)
    https://www.hackthebox.eu/home/users/profile/76469

  • Type your comment> @saberu said:

    This is the most ironic box ever. I spent longer on this box than others even though the methodology for rooting other boxes is much more difficult.

    I believe the name 'Irked' is supposed to come from the idea that there are some proc names that look like they should be ideal targets for priv esc, then you run the script and it just dies.

    Then after hours of enumeration I just ran one line and got root.

    If anyone is having trouble getting root I'm sure you can get it after reading this! Stop looking at hard stuff and imagine it being as easy as the remote exp you used to get shell.

    The name comes from one of the services on the box.

    Hack The Box

  • just analyse the nmap scan on the ports.. it will be enough for uhh

  • Could someone please give me a hint for the Stego Part to get the DJ Password. Tyvm

  • @blackx67 said:
    Could someone please give me a hint for the Stego Part to get the DJ Password. Tyvm

    man on stego would help you

  • i feel like a complete moron
    i have done a lot of enumeration, port scanning, directory brute forcing, nothing is working, can someone give me a hint? nothing seems to work

  • Type your comment> @PromeDNS said:

    i feel like a complete moron
    i have done a lot of enumeration, port scanning, directory brute forcing, nothing is working, can someone give me a hint? nothing seems to work

    Did you do a full port scan?

  • Rooted!

    Thanks to @dcdesmond

  • still stuck on root lost in privesc. pls someone pm me

    madhack
    If you need help with something, PM me how far you've got already, what you've tried etc.
    Discord: MadHack#6530

  • Managed to get user and root but root took a while. Great box!

    It def gave me a crash course on linux and privesc. Funny thing is that the way I got to root, I saw the oddity on the first enum, even tried it as it seemed odd, but discarded it at first. Only 3 days later when I got back to it and actually looked at it decently did it dawn on me. Lesson learned!

  • edited March 2019

    Finally got Root on this girl and she's my first! I have to get more experience enumerating every executable so this was a good system for that. In retrospect, getting user was a lot more involved. That said, from past experience in CTFs, it wasn't all that difficult.

    The main takeaway for me here is that I have to get used to the CTF mindset. I've spent way too much time as an analyst pouring through alerts, pcaps, config analysis and all that goodness for so long that I'm not used to "stupid admins" randomly breaking things in stupid ways (aka CTFs).

    Interestingly enough, I can see the root path being realistic with an admin who has enough knowledge to be dangerous. The whole user access puzzle was entirely a CTF gag. It wouldn't even make sense to do that in the real world.

    Can anyone suggest my next box? Remember, Irked, she was my first!

  • Type your comment> @RoTnRat said:

    Can anyone suggest my next box? Remember, Irked, she was my first!

    Curling before it gets retired.

  • Type your comment> @RoTnRat said:

    Finally got Root on this girl and she's my first! I have to get more experience enumerating every executable so this was a good system for that. In retrospect, getting user was a lot more involved. That said, from past experience in CTFs, it wasn't all that difficult.

    The main takeaway for me here is that I have to get used to the CTF mindset. I've spent way too much time as an analyst pouring through alerts, pcaps, config analysis and all that goodness for so long that I'm not used to "stupid admins" randomly breaking things in stupid ways (aka CTFs).

    Interestingly enough, I can see the root path being realistic with an admin who has enough knowledge to be dangerous. The whole user access puzzle was entirely a CTF gag. It wouldn't even make sense to do that in the real world.

    Can anyone suggest my next box? Remember, Irked, she was my first!

    Curling.

  • Got root and thus could read user file as well ...... I wonder if the way is intended ...... used a binary v******r to get an escalated shell.

  • @Tangtiphongkul: That does indeed appear to be THE intended path. I guess they throw you a bone if you figure that one out first.

  • Type your comment> @RoTnRat said:

    @Tangtiphongkul: That does indeed appear to be THE intended path. I guess they throw you a bone if you figure that one out first.

    The intended path was to get user first, then root.

    Hack The Box

  • edited March 2019

    25 pages of posts to read here. Im going to bite the bullet and ask for help. Thinking there are some creds somewhere? I found a d*******[email protected]***** email but that is it. Got a few open ports but cannot read a file and have NMAP/spidered/dirb/go/fuzzed this loads. Please PM me if you can help get initial foothold .

  • Type your comment> @Tangtiphongkul said:

    Got root and thus could read user file as well ...... I wonder if the way is intended ...... used a binary v******r to get an escalated shell.

    OMG! This is gold man! Thanks for the tip!

    jattion

  • Can someone please PM? i can't seem to figure out what to do with the extracted contents of the stego'd file. Doesn't seem to work as a user pass.

  • @MrAgent you're right. I misread @Tangtiphongkul's comment. I meant THE intended path was v******r. After your post I realized what I typed implied otherwise.

    Thank you for the correction.

  • Just got it root
    Thanks a lot @dcdesmond for the hint ..

    Feeling completely Moron, It was not that easy for me (unexperienced) , but I've visited the correct track once a day ago and didn't notice what should be clearly obvious.

    Hints in this thread are more than enough to let you get in.

    PM for help if needed ...

    Happy hacking everybody ;)

Sign In to comment.