Networked

Insert box discussion starting point here

«13456710

Comments

  • ayyy let's go

  • box not spawning properly for anyone else?

    Mech

  • First Blood in already. Under an hour. Interesting.......

  • edited August 24

    Shell is pretty easy, permission denied for user.txt

  • edited August 26

    easy shell, but now.... reading...
    user.txt :smiley:
    rooted

    user: straight forward
    root: use what you can

  • Hmmm. Got to u*****.php but whatever I do I cannot sneak a shell onto the site. Anyone got an idea where I could be going wrong?

  • edited August 24

    .

  • edited August 24

    Update: Owned user and root! :smile:
    The box is bit buggy tbh.

  • not getting php to execute the shell. got any articles I can reference?

  • This box is so slow

  • think this box is getting trolled big time. Keeps getting reset. u may want to save for another day. Making it rough right now.

  • Managed to get a shell as A***** but struggling to escalate to other user. Any nudges would be hugely appreciated.

  • Weird, I got a shell in one way, the box reset, and I can no longer get a shell using the said method :/

  • What on EARTH is going on for root on this box?!

    Hack The Box

  • Rooted :-)

    Hint for user:

    • Enum and read
    • use it
    • read again
    • same same but different

    Hint for root:

    • Enum
    • Try & Error

    v1p3r0u5
    If you need some help => 1) Your findings so far? 2) Your conclusions? 3) Your further ideas?
    RESPECT++ if I was able to help you! => https://www.hackthebox.eu/home/users/profile/139772

  • Type your comment> @v1p3r0u5 said:

    Hint for root:

    • Enum
    • Try & Error

    This is as useful as "use your keyboard"... lol

    Hack The Box

  • Type your comment> @Fugl said:

    Type your comment> @v1p3r0u5 said:

    Hint for root:

    • Enum
    • Try & Error

    This is as useful as "use your keyboard"... lol

    Hehe... Somehow yes ;-)
    Anything more would be a spoiler... You know what I mean as soon as you "executed" it for the first time ;-) Feel free to PM me for some hint :-)

    v1p3r0u5
    If you need some help => 1) Your findings so far? 2) Your conclusions? 3) Your further ideas?
    RESPECT++ if I was able to help you! => https://www.hackthebox.eu/home/users/profile/139772

  • Got a shell but don't know how to pivot from here.

    Arrexel

  • The user part was fun, especially in how a Linux i**ge manipulation tool can be used to get the initial shell.

    However the box may become unstable on free servers

  • Rooted.

    I enjoyed, learned some stuff :smile:

    Hack The Box

  • edited August 25

    Rooted, ctf-y but fun.

    Tip for user

    • please don't leave the answer lying around.

    Tip for root

    • use your keyboard
  • i continue to struggle with privesc no matter the OS... i got the initial shell relatively easy... but when i comes to building from there.. i always get lost. I use all the enum scripts their is, but i never seem to put things together once inside. Can some1 let me in on their process of attacking boxes, and share their goto's? please and thank you!

  • Okay so I found what I need to use to PE to root. Not sure what I'm supposed to do with the c*********.** file. I've read about how the NM files are configured but so far can't come up with anything. A nudge would be appreciated.

    slimz28

  • so i have an initial shell since morning but i can't read user.txt. I tried a few things related to ssh but no luck. Any nudge?

  • Type your comment> @slimz28 said:

    Okay so I found what I need to use to PE to root. Not sure what I'm supposed to do with the c*********.** file. I've read about how the NM files are configured but so far can't come up with anything. A nudge would be appreciated.

    same boat...

    Hack The Box

  • okay, so there is something with che_******. file. but i don't now how to use that to get priv shell from web shell.

  • Type your comment> @plusX said:

    okay, so there is something with che_******. file. but i don't now how to use that to get priv shell from web shell.

    Its a file that makes the user know what's wrong if you look closely

    pzylence
    OSCP

  • rooted, good linux box, i don't know why some ppl saying it's CTF-LIKE

  • Type your comment> @plusX said:

    so i have an initial shell since morning but i can't read user.txt. I tried a few things related to ssh but no luck. Any nudge?

    Man, Any hints on how to get this initial shell?

    I am following something but looks like a dead end.

  • @nuxmorpheus01 after your initial enumeration you will find some interesting pages, from there you just have to get your shell onto the server, one of the most trivial ones there is
Sign In to comment.