I have 3 users and 3 passwords. I can connect to S** with a user and pass. But nothing in it..... Can someone PM me with some tips. Pulling my hair out here .
That was a fun one box (It was my first one, and I most on linux way, so it's possible to do it).
I take about 6 days to resolve it with a lot of errors because I was doing wrong.
Tips :
I'm new in CTF and really you have all the information for the way to have the Users and the Root here.
If you can't do it please read again the 10st pages and one time all the pages to find the way.
I find many tips on the forum but after trying it returns me a lot of errors so I try differents tool, but when i rooted the machine I knew that a lot of my errors was because of me (Bad Syntax, command or options.
So if you want to congrats this challenge read the forum and RTFM will helps you a lot.
PS : It's funny to know that when you know everithing it takes 30 minutes for getting root
I have 3 users and 3 passwords. I can connect to S** with a user and pass. But nothing in it..... Can someone PM me with some tips. Pulling my hair out here .
Can anybody help me on root phase? I found sha hash and decrypted it, but I can't find a place to use. I tried to proc***p animal and using strings search in those files, but still can't find anything interesting. i've been stuck for hours now.
Bit lost in the sauce on this one. Can access **5 but is there something there I should be looking for? Legit just get into the ***$ and can't do anything? Nudge please!
Rooted!...This was a fun box to work on. I have a habit of overthinking things and when I started this box, I tried to keep it simple. If you are stuck on something, DM me and will be more than glad to help.
Thank you @MinatoTW for this box, it was super realistic and fun!
As other have said:
Foothold: you don't get/won't need a shell on the box for foothold
User: Enumerate all you can. Grab every username you can find. If you happen to find any passwords, the internet is your friend.
Root: I got stuck here for 3 days. Reading the comments really helped. No exploitation needed here, no guessing required. It's all in your memory and environment.
Need a hint on a user please
Got probably 2 users and 3 passwords(from hashes)
Tried doing r*****p.py and got 315 endpoint (WTF even is that?) and also tried l**k****d.py, nothing.
help
UPD: got 9 users now, saw 3 share-folders, but no clue what to do next. PM me please
Available to help when I can and know how to help. However do not expect responses right away on these days. Sunday - Wednesday between 7am-8pm EST (USA, Orlando, Fl) as I work those days from 7a-7p and then the ride home. Just a forewarning is all Other than that I'll answer ASAP, or when I get home from work.
CompTIA A+ | Network+ | Security+ | C|EH | CySA+ (In Progress)| PenTest+ (In Progress) |
Comments
I have 3 users and 3 passwords. I can connect to S** with a user and pass. But nothing in it..... Can someone PM me with some tips. Pulling my hair out here .
I got 9 users now
used the l********.py
thanks @aho for the help
Working on root. Can someone DM me. Getting stuck
Rooted !
That was a fun one box (It was my first one, and I most on linux way, so it's possible to do it).
I take about 6 days to resolve it with a lot of errors because I was doing wrong.
Tips :
I'm new in CTF and really you have all the information for the way to have the Users and the Root here.
If you can't do it please read again the 10st pages and one time all the pages to find the way.
I find many tips on the forum but after trying it returns me a lot of errors so I try differents tool, but when i rooted the machine I knew that a lot of my errors was because of me (Bad Syntax, command or options.
So if you want to congrats this challenge read the forum and RTFM will helps you a lot.
PS : It's funny to know that when you know everithing it takes 30 minutes for getting root
Have a good luck for the others.
Type your comment> @MRKR said:
Page 3 on 5 you'll find all what you need
Type your comment> @fbr0 said:
Hum command help maybe will help
or some stuff in powershell manual maybe ....
Can anybody help me on root phase? I found sha hash and decrypted it, but I can't find a place to use. I tried to proc***p animal and using strings search in those files, but still can't find anything interesting. i've been stuck for hours now.
Bit lost in the sauce on this one. Can access **5 but is there something there I should be looking for? Legit just get into the ***$ and can't do anything? Nudge please!
Rooted!...This was a fun box to work on. I have a habit of overthinking things and when I started this box, I tried to keep it simple. If you are stuck on something, DM me and will be more than glad to help.
Just got this!
Thank you @MinatoTW for this box, it was super realistic and fun!
As other have said:
Foothold: you don't get/won't need a shell on the box for foothold
User: Enumerate all you can. Grab every username you can find. If you happen to find any passwords, the internet is your friend.
Root: I got stuck here for 3 days. Reading the comments really helped. No exploitation needed here, no guessing required. It's all in your memory and environment.
Feel free to pm for hints!
Need a hint on a user please
Got probably 2 users and 3 passwords(from hashes)
Tried doing r*****p.py and got 315 endpoint (WTF even is that?) and also tried l**k****d.py, nothing.
help
UPD: got 9 users now, saw 3 share-folders, but no clue what to do next. PM me please
Did this machine get decommissioned ?
Type your comment> @0X44696F21 said:
Yes, this machine is now retired.
Available to help when I can and know how to help. However do not expect responses right away on these days. Sunday - Wednesday between 7am-8pm EST (USA, Orlando, Fl) as I work those days from 7a-7p and then the ride home. Just a forewarning is all
Other than that I'll answer ASAP, or when I get home from work.
CompTIA A+ | Network+ | Security+ | C|EH | CySA+ (In Progress)| PenTest+ (In Progress) |
Got user and rooted. I learned a lot on this machine. Word of advice to myself and others POWERSHELL. It is extremely helpful to learn how it works.
Thanks to @w4x and @AlexLTN for the nudge.
Done, was a pretty good challenge ^^ if anyone need help pm me
Is it normal that I can't list any process or programs? Everything returns access denied, or the command just shows error.
Any hints would be greatly appreciated on getting this working. Or an alternative way.
Don't forget to +respect if I have helped you out at all.
Happy Hacking!
https://www.hackthebox.eu/home/users/profile/135164