Hint for HELP


Comments

  • edited January 2019

    The clock synch. was a pain in the !@#$%
    After that, it was very easy to root!

    Edit: It seems that there is another solution for this box, which seems interesting. I would love to see the other solution for the initial foothold from the other port. So if someone did it, I would appreciate a PM.

    Hack The Box

    OSCP | GPEN | eCPTX | CREST CRT | GDAT | eCPPTv2 | GWAPT | OSWP | ECSA (Practical)

  • Not sure about other port.

    MrR3boot
    Learn | Hack | Have Fun

  • Did anyone reach something from Apache? Even common directory bruteforcing is not working.

  • I did get some interesting directories. Working my way towards RCE.

  • Good, any hints?

  • help.. XD

    Fun times are bound to end. - Korosensei

  • Anyone had luck on axx end?

    MrR3boot
    Learn | Hack | Have Fun

  • @D4Vinci said:
    Good, any hints?

    Usual directory listing, try other list if yours is not getting any. For me the usual classic has never gone wrong.

  • @Malone5923 said:

    @D4Vinci said:
    Good, any hints?

    Usual directory listing, try other list if yours is not getting any. For me the usual classic has never gone wrong.

    yup I got a directory and started working on getting a shell now :D

  • I know where to upload my shell, finding it and executing it is the problem. The exploit to find it isn't working.

  • @Malone5923 said:
    I know where to upload my shell, finding it and executing it is the problem. The exploit to find it isn't working.

    same boat

  • And @buckley310 gets first blood. Congrats man.

  • edited January 2019

    Can't get past the C**F check when uploading the shell.

    Edit: Whoops, forgot a port in my scan as I went straight to port 80 lol.

  • Don't reuse posts @vanquish

  • brb kms if it was about using the "right" wordlist

    Hack The Box

  • edited January 2019

    EDIT: user is tricky.

  • I managed to find whatever I upload.. but I'm starting to have a feeling it is a rabbit hole..
    Sooo.. is it?

  • This box is surprisingly tricky! Love it!

    OSCP | TMHC CTF

  • @23Y4D said:
    I managed to find whatever I upload.. but I'm starting to have a feeling it is a rabbit hole..
    Sooo.. is it?

    Same here...thought I could trick it to upload a specific file type but no luck...

  • Did anyone get code execution?

    Hack The Box

  • Rooted. Loved the box. Hints:

    1. No brute force is necessary
    2. It is possible to get RCE (hard), but much easier to find creds
    3. You have to partially guess a username

  • The N***.JS is the way to go?

  • jkrjkr
    edited January 2019

    I didn't need that. But seems others used another path and did need it.

  • Ok, so I have been sitting a while trying to get a shell. Could someone PM me so I can find out if my method is not a waste of my time? (Don't want any spoilers) Cause I feel my method is the way to go.

  • Are we supposed to get creds? Cause I seem to be failing on that.
    Also the unauthenticated exploit is not working (maybe modification is needed?)

  • Could I get a hint please? Ticket portal or JSON page?

  • jkrjkr
    edited January 2019
    You can use one or the other. There are at least two ways you can go.

  • Hints on privesc?
