Networked


Comments

  • Spoiler Removed

  • Just rooted this box in an unintentional way by breaking the script while running some "chown" command lol!

    I don't know if this was intended to do so, if anyone rooted it in another way than breaking the script DO PM ME!

    CHEERS

  • Can anyone help me with user??? I've got a shell for the apache user

  • Now that i've rooted this box, could someone explain how the user exploit works? Not sure I understand exactly what is happening

  • All right guys, I feel like I understood some of what you said in these 17 comment pages, but right now I'm not even sure I got to the first shell :(

    I've found the backup.tar and I have looked at how we could upload some file in order to insert a PHP script .... is that the thing to do or am I completely lost? please save meee ^^

  • Spoiler Removed

  • I am totally stuck at apache, can someone give me good resources on how I remove the permission in a file? I tried everything I searched for but nothing works. Total noob here, please give me some hints

  • @Holyrogue said:

    So just out of curiosity the /uploads page is there a reason why when the machine resets all I receive is a " . " on the page and not any of the uploads?

    same here

  • Can someone give me some help to user? I read all the suggestions in these pages, but I don't understand how to TOUCH c****_a*****.p**. You can also help me with PM. Thanks.

  • Just rooted. Actually is quite an easy box but gave me some pain the root part. Enumeration part was quite straightforward, but the script exploit part.... why that even works?

    Hack The Box

  • edited October 2019

    I am in this frustrating point (after getting the low-priv shell), where you are looking at a code, you know/imagine what has to be done, yet due to poor PHP knowledge you cannot find out the magic combination to achieve it!


    Update, got the user flag! getting back tomorrow for root. Nice trick and something new learned!

  • So is it normal that u*.t and the rest of the files in g*** have nothing?

  • edited October 2019

    Enjoyed this one... some nice privesc techniques.

  • edited October 2019

    Hey guys, I know where to touch with the low priv shell (before user), but I don't know how to do the correct touch there because forward slashes are not allowed in those names... googled the whole internet for hours... I am stuck.. any hint would be recommended (or PM) thanks!!

    EDIT: got it.. >.<

    Now on root.. found the script which refers to the machine's name.. any nudge would be great..

    EDIT2: rooted - finally, learned a bunch of new stuff

  • Finally rooted (: ********.sh is a bit confusing but fun :)

  • Super n00b here, first box attempt. Really enjoying the challenge but having a lot of trouble getting the initial foothold. I've tried to use burp to edit all the things (including magic bytes) and using a double exe on the file but no luck. Any help you guys can provide would be really appreciated :)

  • Rooted after a whole day's work. My first box here. Thank you so much everyone who posted hints here. Shoutout to @rholas

  • Rooted :)

    Tips:
    Foothold: simple enumeration should allow you to fully understand how the webapp works. Then, it should be quite clear what to do.

    User: Find thing, understand how you can control the thing's input

    Root: Again, basic enumeration should yield a direction. Then... it gets weird. Like many before me I don't fully understand what happens there. Trial and error does the trick, but I will appreciate a DM if someone has some useful links on the matter.

    Also feel free to DM me for further tips if you need :)

  • Hey guys, really stuck on this php script part and the command to inject.
    Can someone please PM me and push me in the right direction?

  • edited October 2019

    I have been struggling with this box for over 4 hours now. Can anyone give a hint or something about c_a? also found a weird .sh file which had some sort of netcat connection to it, but when executed, landed straight back onto apache

    Edit: User owned.

    Will keep digging for root

    Edit2: Root owned.

    amazing box, was fun to dig around in :)

  • edited October 2019

    Stuck on root - please DM a tip :-)

  • edited October 2019

    I don't get why the c...n....sh does not write to the file where it should, others are able to obviously - I can see their changes (I'm user g...)

  • So I found the u*****.php page, figured I need to put something inside an image, but so far no matter what I upload I get an error and can't get a shell. Anyone want to give me a hint?

  • @n0bf said:

    So I found the u*****.php page, figured I need to put something inside an image, but so far no matter what I upload I get an error and can't get a shell. Anyone want to give me a hint?

    So I figured out the error and can get the files uploaded but can't get the call back. I'm open to any hints.

  • @n0bf said:

    So I found the u*****.php page, figured I need to put something inside an image, but so far no matter what I upload I get an error and can't get a shell. Anyone want to give me a hint?

    hey :) any hint on how to get the file uploaded? I believe it has something to do with the size of the script, right? :/ PM me to avoid any spoilers please :)

  • Size doesn't matter. At least that's what I keep telling my ... not important now.

    You have the code that does the checking (you do, don't you? If not, enumerate and maybe you find something). What does the code check for? How can you fool it into letting your "image" pass the upload filter?

  • edited October 2019

    Finally rooted. My tip: use a shell with stderr displayed.

  • Rooted!
    I enjoyed this box, easy but at the end you learn some stuff, it was interesting, I appreciated it.
    If someone wants a nudge, feel free to write me

    enjoy guys

  • rooted! Thx for the hints


  • So I'm pretty sure I'm on the right track, but I can't see anything but a " . " in the u...... folder. Yesterday I could see other people's files there, but now nothing. Anyone has any idea as to why?
