Haystack

Comments

  • Someone up for discussing the final part to root? I've tried so many things, it got triggered, but even simple tests aren't executed.

  • nice steganography

  • can anyone PM on haystack root hint?

  • Hi, I get an error in the apis parameter. Can someone please tell me, am I on the right way?

  • edited July 2019
    Would appreciate a hint on the syntax for the final step to root :smile:

    Edit:

    Got Rooooooot :wink:
  • Rooted with a helpful nudge from @v0yager who saved me from my grokking nightmare.

    For people stuck on changing user (parameter errors):

    • Google K***** config file and read the documentation. You can find the file easily and should then understand why it's not working from where you are trying it.
    • When you curl from the right place make sure you wrap the url in ' (as posted above). This will stop the apis parameter error.

    I'm slow on replying to PMs currently but happy to help.

  • Hi, can someone help on the privesc part for root. I actually need someone to verify something for me if possible. Of course, a nudge would also be appreciated

  • @Meeryr thanks for your help

  • Is there supposed to be an actual image file on the homepage? For me, there is nothing displayed at all. When I go to the source code and follow the link, then download the image, it's just an empty .jpg with 0 bytes. Is that supposed to be the case or is a reset in order?

  • @TimW94 said:

    Is there supposed to be an actual image file on the homepage? For me, there is nothing displayed at all. When I go to the source code and follow the link, then download the image, it's just an empty .jpg with 0 bytes. Is that supposed to be the case or is a reset in order?

    There should be an image, although it is not needed for the box.

    It does give a great HINT.

  • Need some help with user priv upgrade to K.

    When I speak to K I keep getting "empty reply from server".

    To my knowledge I am doing everything correctly and have also spoken to some people in this forum and cannot find the problem.

    If anyone has any ideas please PM me.

  • Finally rooted this one as well. I have really mixed feelings about this box. I'm a new user here (and this is the 4th user and 3rd root I got, sooooo yeah, pretty noob). But on the previous boxes I felt that "this could have been a real box that somebody just misconfigured/not updated/etc...", not this one. I was stuck on the final step to root because who in their right mind would put anything like that in the l******* config??

  • Hello there,
    How do I dump the data from ElasticSearch DB?
    I am stuck as I've tried installing "Kibana" as I've seen in some videos it's used as an API to interact with ElasticSearch I guess.
    I tried searching "10.10.10.115:9200/_search" and it provided me with a bunch of information. What do I need to do now?
    Any help is appreciated.
    Thank You!

  • @shellroot said:

    Hello there,
    How do I dump the data from ElasticSearch DB?
    I am stuck as I've tried installing "Kibana" as I've seen in some videos it's used as an API to interact with ElasticSearch I guess.
    I tried searching "10.10.10.115:9200/_search" and it provided me with a bunch of information. What do I need to do now?
    Any help is appreciated.
    Thank You!

    You need to slightly change your search query to show all the data.

    Should be many indexes.

    DM me for more help.

  • I need a nudge on switching from the user s******y to k****a

  • Could someone help me with the l******** privesc, I am already k******? I think I know what to do but it isn't working.

  • edited July 2019

    On root. Never used this tool before, so trying to get it started. Any nudge would be great.

  • edited July 2019

    @idomino said:
    Finally rooted this one as well. I have really mixed feelings about this box. I'm a new user here (and this is the 4th user and 3rd root I got, sooooo yeah, pretty noob). But on the previous boxes I felt that "this could have been a real box that somebody just misconfigured/not updated/etc...", not this one. I was stuck on the final step to root because who in their right mind would put anything like that in the l******* config??

    Hi, I think I'm in the final step. I try to add some script in l******h_*, but what's next? I can't restart l******h.
    If anyone has any ideas please PM me.

    Rooted!!
    Learned a lot about ELK, great box!!

  • Hi, I think I'm in the final step. I try to add some script in l******h_*, but what's next? I can't restart l******h.
    If anyone has any ideas please PM me.

    It runs automatically as long as it's in the right place.

  • Hello,
    Can anyone help me with the privilege esc?
    I have tried the LFI but there is just the nginx 404.
    Trying that with node, it just gives me another security shell.
    Any help is appreciated.
    Thank you

  • Hi, this is the first machine I'm doing. I got stuck on root priv_esc... maybe someone can confirm I'm on the right track or not:

    • I am user k*****
    • I added something on the bottom of a file s********s
    • when I try to execute it manually it kind of tells me I am not root..
    • it seems not to be executed... waiting for around 30 mins.. or should I be more patient..?

    ...
    @JoyDragon thx for the machine, I already learned a lot here!

  • @hva said:

    Hi, I think I'm in the final step. I try to add some script in l******h_*, but what's next? I can't restart l******h.
    If anyone has any ideas please PM me.

    It runs automatically as long as it's in the right place.

    Are you sure it runs automatically? I've seen it being triggered at different intervals and was under the impression someone else must have triggered it for me.

  • Are you sure it runs automatically? I've seen it being triggered at different intervals and was under the impression someone else must have triggered it for me.

    Hmm... I'll have to go back and revisit. I was under the impression it ran automatically as part of the logging process. FWIW I ran several different commands while messing with the box after getting root.txt and there were no other files there.

    Let me know if you find out otherwise!

  • Rooted

    Not an easy box to be honest, only the user part was easy. Should be medium.

  • Hi, user.txt taken. I went up as a user k ******. Now I don't know how to go on. Any small suggestions?

  • Anyone else having problems with that F thingy where you get no response from the server?

    Running for OSCP

  • Can anyone give me a nudge as to why I can't find the right place to put my script? Looking at k***** config yml hasn't helped me! Still confused!

  • edited July 2019

    @smaxs said:

    Hi, this is the first machine I'm doing. I got stuck on root priv_esc... maybe someone can confirm I'm on the right track or not:

    • I am user k*****
    • I added something on the bottom of a file s********s
    • when I try to execute it manually it kind of tells me I am not root..
    • it seems not to be executed... waiting for around 30 mins.. or should I be more patient..?

    ...
    @JoyDragon thx for the machine, I already learned a lot here!

    Same situation. Stuck since yesterday. I will appreciate any hints on DM.

    Edit: Done. Nightmare.
    Edit2: To be clear - it was a nightmare for me to root the machine due to lack of knowledge of the ELK stack as well as lack of experience. The box itself is great, the ctf-like user part is fun!

  • Still super stuck on this trying to priv esc to K*****...

    Please can someone help me find the correct location to put the js? I have looked in the yml and nothing sticks out to me...

  • Finally rooted. Thanks to @Nick the man and to @dalemazza. There are tons of great hints in this thread already.

    I don't understand why this box has so many downvotes. You can easily find out e*******h commands from google, use those to dump all the info and then use grep on that to find the keyword the needle gave you. PrivEsc on this box is also really cool.

    Make sure to change the filename at the very last stage of root if you change something on the file. And feel free to pm me for help.
