• @wawrzeniec said:

    @x41 said:

    Why do I always struggle with the seemingly easy stuff.
    4 hours in and not even a shell. sigh

    This is pathetic.

    You are not the only one. I don't know why people say that it's easy or straightforward but having never done or heard about this before it certainly wasn't for me. I was able to get a shell after a lot of headache so feel free to pm me if you need a nudge in the right direction

    I'll ask you if I can't get it after the next 4 hours. :D
    I haven't exhausted my possibilities. So I'll try harder.

  • I got root.txt. It's a very instructive machine
    Thanks to @4LPH4X and @GChester

  • User took me too long to crack, I started to hate PHP lol, but very good box. Root is pretty much very very simple.

    Hint for root: don't think too much, just do basic enum and try basic commands :relaxed:

    Thanks to the people who helped me for user :wink:

  • Finished up the box. Interesting box. Not totally understanding the root portion. Would like to compare solutions with anyone else, to see if we got root the same way.

  • edited August 2019

    @PanamaEd117 - just got root.

    I was confused too, afterwards. To help it make a bit of sense, think about how what you entered got put into a file somewhere. Then, on any box, try entering that same kind of thing as an experiment. Think about what isn't happening properly.

  • edited August 2019

    Thanks all for abusing the box, two clarifications:
    1) foothold: no CTF at all, that is something that existed as default and was actively exploited. No problem if you never heard about it and just tried to throw everything you have in your arsenal, but please, CTF is not a synonym of "I wasn't aware" :)

    2) root: again, no problem if you spray&pray, that's a big part of this game. But bear in mind that this is again a default for this scenario, still today. You really should follow old-school message boards.

    try to understand both foothold and root, bloods are gone and there's no rush to just flag. research, understand, and unalias CTF pls :)

  • edited August 2019

    Confused on root. Please PM with tips/hints.

    EDIT: never mind, I rooted it. Not really sure how though.

  • Confused on user. Please PM with a nudge. Can upload, but not what I want to.


  • OK got root but it was pure luck and not really sure why it worked. If anyone can explain the exact reason for the privesc I would greatly appreciate it. DM or discord, thanks.

  • edited August 2019

    I'm pretty stuck on root if someone could PM me for advice. I feel stupid, but I've tried all the "simple" stuff.

  • Found up****.php, give further hint

  • rooted!

    initial access: you need to fool the server..
    user : take a look at source.. and just try run... trial and error..
    root : simple.. see what you can do in the server..

    pm me for help...

  • edited August 2019

    Rooted: Ezclap

  • @DeDeReporter said:

    Ok. Rooted. But can someone explain to me why the script line

     e**o $**r=$*

    is EXECUTING the command included in $*?
    I will appreciate some explanation on DM. I don't like rooting machines without fully understanding what happens.
    Thanks in advance

    ifup is executing the command, not echo

  • rooted thanks to @D8ll0 and @Tohzzicklao

  • Rooted, pm for hints

    OSCP | PMP

  • @gk4u said:

    @DeDeReporter said:

    Ok. Rooted. But can someone explain to me why the script line

     e**o $**r=$*

    is EXECUTING the command included in $*?
    I will appreciate some explanation on DM. I don't like rooting machines without fully understanding what happens.
    Thanks in advance

    ifup is executing the command, not echo

    I've rooted the box but had the same doubt as @DeDeReporter... It would be great if you can share some reference link in a private message.

  • edited August 2019

    Hello guys,

    I tried everything to get root with no luck, with very basic enum.
    Please PM for helpful hints

    Edit: rooted, it's difficult to know or guess it works like that.

  • I got root, with just luck.
    It already happened with one or two boxes on HTB earlier.
    Can anyone explain how and why this works?

  • Can someone DM me regarding the c****_a***** php file. I can see mostly what it's doing - but not sure how to manipulate it.


  • I really enjoyed this box! Nice techniques and I learned a lot! The user part was more difficult than root but I loved the privesc, both user and root

    • Foothold: you just have to upload something well crafted
    • User: not so easy to me, try to understand what php files do and which function you can exploit
    • Root: quite easy, first you have to understand what your user can execute and then exploit it

    I hope this doesn't spoil too much, otherwise feel free to remove my comment.

    PM me if you need hints


  • After a bunch of research, I finally found out why/how the root-privesc works. If you rooted the box and don't know why, feel free to PM me, I will send you the link.

    (same goes if you got spoiled the user-privesc and didn't understand it)

    Press F to give respect

  • Got root pretty fast... in the first 10 attempts of test inputs, I will try later to study it in detail


  • edited August 2019

    Rooted! Fun box, and the first box I was able to root without even visiting the forum for hints.
    The very last part took a bit of creativity though.

    If you need a hint you're welcome to PM me.

    EDIT: After reading this thread, I apparently got root in a roundabout way, involving "some other way to write an IP".

  • edited September 2019

    I'm at a loss on the root.

    Got the user quickly but root has me stumped.

    I know the file I need to use but I can't see what I need to enter to escape.

    Any hint over DM would be appreciated

    EDIT: bit of sleep and a fresh look over and I cracked it. Good box! Learnt a few things on the way to root


  • Rooted ! The problem here is the overthinking. Keep it simple

    If anyone needs a nudge just ping me


  • rooted.
    For root, 1) basic check for your given privilege, 2) read a script, 3) try several things with the script and see the error message.

  • Rooted, nice box really enjoyed, thanks makers, learnt again 👍

    ”No questions a stupid question”
  • Need help with privesc, please PM a hint

  • edited September 2019

    Nice box

    [[email protected]]# id
    uid=0(root) gid=0(root) groups=0(root)

    PM for hints :)
