Irked

12324262829

Comments

  • yes got root, with a little help form a good pentester i saw the file but did not know exactly what to do. read what it says when executed.

    madhack
    If you need help with something, PM me how far you've got already, what you've tried etc.
    Discord: MadHack#6530

  • edited March 2019

    Can any one help me with .ba.... file, I am not getting where the stego is, That's all plain txt, Can anyone guide me with that part

    EDIT :- ROOTED, Very Very Thanks to @madhack

    But i did not understand privesc, Can anyone please explain me

  • At last, got root. We need to keep it simple, don't over think.
    Everything in this thread make me realize how to move... :D

    thanks for @dcdesmond for the hints.

  • I have been working on this box on and off for days. I got the low priv, i even figured out the stg challenge, but cannot get root. I've used various scripts and commands to get a list of running svcs and binaries on the box and cannot find the one that "sticks out. Does anyone have a hint to push me in the right direction?

  • edited March 2019

    Type your comment> @c0mplex said:

    I have been working on this box on and off for days. I got the low priv, i even figured out the stg challenge, but cannot get root. I've used various scripts and commands to get a list of running svcs and binaries on the box and cannot find the one that "sticks out. Does anyone have a hint to push me in the right direction?

    Just find v......r file in SUID Binaries, Use some Enumeration scripts

  • I have a shell via U******RCd and i have no idea what to do next( hint me in pm, plz

  • rooted, finally. thanks to all offering hints!

  • Type your comment> @SpicyCrack3r said:

    I have a shell via U******RCd and i have no idea what to do next( hint me in pm, plz

    Poke around the User, You will find something Intreasting

  • I really wonder how long first blood took...I got root quickly enough I think I may have actually competed for it...hint: dont overlook the trivial methods for anything, especially privesc

    Hack The Box

  • The system is so unstable, the connection keeps breaking. I got the reverse shell and then the connection broke, anyone facing this ?

  • Type your comment> @vasiqmz said:

    The system is so unstable, the connection keeps breaking. I got the reverse shell and then the connection broke, anyone facing this ?

    same

    Arrexel
    OSCP | I'm not a rapper

  • Rooted! Thanks to @MrBlackHat

    If you need a hint feel free to pm me ;)

    -------- xOkami --------

    xOkamil

  • I've already rooted this box, but I'm helping a friend with it at the moment...

    So my question is... Who is the fucking moron who deleted the home directory?

    Nice job, asshole. Thanks for ruining this box for those still trying it. You're not funny. You're just a prick. "ooOo I roOtEd thiS BoX MiGhT aS WeLL RuiN iT"

    No. Stop. Go do something better with your time -- ignorant dipshit.


    Hack The Box
    defarbs.com | Retired Machine Writeups! - "Let me just quote the late, great Colonel Sanders, who said, 'I'm too drunk... to taste this chicken.'”

  • edited April 2019

    I have user and I know how to get root but someone changed the perms of the temporary file......... and hit max reset for today. Please ppl don't do this let other ppl enjoy the box to.

    so pissed off rn.

    some one resetted it THX!
    got user & root feel free to pm for hint

  • edited April 2019

    Got user & root. That was a fun box! As always, P.M. for hints

    ThunderB

  • Will someone PM with some help? I'm still new to all of this, and I'm stuck looking for entry using RPC that the nmap scan showed.

  • Just rooted!

    Thanks everybody for tips.

    For whose who stuck:

    1. user: enumerate all ports, then use well known exploit in Metasploit (need some change in config, see 'options'). Then enumerate user's folders and try to find something hidden, you will get the another hint. Use it with default page of web-site.

    2. root: I started to use many enumeration scripts and found out some 'bin' file, that have a strange behaviour, use it to exploit the system.

    p.s. read the forum, there are a lot of good hints to catch.

    Good Luck!

  • Someone able to give me some pointers here. I finally got the user flag but my metasploit session only lasts about 20 seconds before 'hanging' and then needing to run the exploit again. am I missing something here?

  • I finally rooted my first machine.It was giving me a tough time to get root.
    Some tips:

    • For user you just need to knock all the doors and then the welcome page will give you the user.txt
    • For root it is so simple. Basic enumeration will give you what you want. Be sure to check your enumeration result carefully.

    Master123

  • Someone can help me?
    What can I do with the UP***************ss

  • rooted
    priv esc not hard just basic enum

    Arrexel
    OSCP | I'm not a rapper

  • Type your comment> @helderjsd said:

    Someone can help me?
    What can I do with the UP***************ss

    google the line above that string it points you to a popular tool.
    that string your questioning about will help you with something that was in your face the whole time.

  • Type your comment> @Shad0wSec said:

    Can someone please PM? i can't seem to figure out what to do with the extracted contents of the stego'd file. Doesn't seem to work as a user pass.

    interesting tried this again with the user in question and it worked this time..didn't work the 8 other times i tried it in the past though...

  • Have the user, found the suid bin, but I'm stuck on what exactly to do for the priv esc... Any help via PM would be much appreciated as I'm still learning priv esc.

  • Finally got user. Working on root now...

    kneedeep

    Reality is often disappointing.

  • Finally managed to get the root flag, many thanks to those who reassured that I was going in the right direction.

    Spent a lot of time trying to exploit a service running on the box in order to escalate from user to root privileges but in the end this was not necessary. I had spotted the wrong thing after enumerating the host lol.

    LordImhotep
  • Hi Guys, is the below meant to happen, or is this due to a bandwidth issue or something, would appreciate the help :)

    [email protected]:~# nmap -T4 -sV 10.10.10.117
    Starting Nmap 7.70 ( https://nmap.org ) at 2019-04-08 17:29 BST
    Warning: 10.10.10.117 giving up on port because retransmission cap hit (6).

  • @shredz said:
    Hi Guys, is the below meant to happen, or is this due to a bandwidth issue or something, would appreciate the help :)

    [email protected]:~# nmap -T4 -sV 10.10.10.117
    Starting Nmap 7.70 ( https://nmap.org ) at 2019-04-08 17:29 BST
    Warning: 10.10.10.117 giving up on port because retransmission cap hit (6).

    Never mind I waited long enough and it ended up working in my favour XD

  • Really enjoyed this box.. I really surprised myself sorting the user.txt. I have never heard of steg before, I basically googled the line above the password and I got some information on it. I also used a website with the given password and it decrypted. Got user... As everyone said, for root, enumerate and enumerate. I ran a priv esc script on my Kali box as as well as this box and compared and googled most that was different. I did struggle still for ages. I thought it was pk.... as I had similar on an OSCP machine but that led me pis*ing around for ages.. In the end, I got a root shell and was able to read the txt

    OSCP | CCNA | CPSA

  • I'm trying to create and run a script on the box but none of the editor seems to be working for me. Can anyone give me some tips on how I can get the text editors working or is there another way to get root? Pm pls thanks!!

Sign In to comment.