Sniper

ARE WE READY????

«13456

Comments

  • Yarp, Ready and waiting!

    Hack The Box

  • A windows box? Guess it's time to start learning SMB again...

    clubby789

    • GCIH
      If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments). And remember to +respect me if I helped you ; )
  • Type your comment> @Drragonn said:

    ARE WE READY????

    BRUH

    (but also, yes)
    (see you online soon you can write python and i'll just run strings a bunch)

    Bru

  • Congrats @snowscan on the first blood...

    Hack The Box

  • Any hint for initial foothold? :D I enumerated all pages and urls. Even if i find something - nothing work for that :/

    If you need help with something, PM me how far you've got already and what you've tried. I won't respond to profile comments. And remember to +respect me if I helped you <3

  • Any hints? found F ..

  • Will "user comment" lead to something?
    I couldn't decode it so far.

  • am still playing with LFI and nothing comes up , did i miss something or i should go to enum again :S

  • is the name a hint to it being constantly down or am i killing it by using enum tools?

  • Type your comment> @D8ll0 said:

    Will "user comment" lead to something?
    I couldn't decode it so far.

    You ever figure out what format it was in?

  • Type your comment> @bodresha said:

    am still playing with LFI and nothing comes up , did i miss something or i should go to enum again :S

    You're on the right path. See if you can make it more than just local.

    opt1kz

  • I am totally fed up after LFI...Not sure on how to proceed further?

  • Type your comment> @ow1joker said:

    Type your comment> @D8ll0 said:

    Will "user comment" lead to something?
    I couldn't decode it so far.

    You ever figure out what format it was in?

    Don't waste your time, it's useless.

  • Can anyone point me in the direction of lfi I thought it was a language thing but am getting nothing from it :(

    Hack The Box

  • edited October 6

    Spoiler Removed

  • edited October 7

    ;)

    azeroth

  • Rooted - nice box..
    Learned a thing or two

    Tips for User: when it equals something - you can always change it

    For Root: Just read files - use google - get root.

  • Got my foothold and some creds, but no idea how to escalate from here

    clubby789

    • GCIH
      If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments). And remember to +respect me if I helped you ; )
  • Can I get a sanity check on the initial foothold? I think I have a few things, but I also think I've spent quite a bit of time in some rabbit holes.

  • rootted thanks @farbs

    v1ew-s0urce.flv
  • Type your comment> @xdaem00n said:

    rootted thanks @farbs

    I haven't even done the box what are you talking about? 😂


    Hack The Box
    defarbs.com | Retired Machine Writeups! - "Let me just quote the late, great Colonel Sanders, who said, 'I'm too drunk... to taste this chicken.'”

  • edited October 7

    got cmd execution but can't get rev shell. can anyone help me ?
    update: got the rev shell, need help with priv esc to user

    azeroth

  • I found some LFI on the box, but im not sure where to go from there. I created a script to enumerate all the windows dirs, but Im only having luck with two of them. Any help????

  • edited October 7

    Spoiler Removed

  • This box or the US VIP instance of it is incredibly unstable. I've rebooted it numerous times, assigned myself to other boxes then switched back to sniper, I've regenerated my VPN connection pack, and i'm still having issues with it only staying up for about 1 minute at a time then having to wait another minute or two before it responds to any pings or other network connections.

  • edited October 7

    Same, in every respect.
    This must be 'The Sweetest' security mechanism for iis/M$ that no one has ever considered before. Or, something is really messed. Dunno. Gonna retry the lfi/rfi casserole in a few days, no idea.

    rip

    Type your comment> @dr0ctag0n said:

    This box or the US VIP instance of it is incredibly unstable. I've rebooted it numerous times, assigned myself to other boxes then switched back to sniper, I've regenerated my VPN connection pack, and i'm still having issues with it only staying up for about 1 minute at a time then having to wait another minute or two before it responds to any pings or other network connections.

  • Type your comment> @dr0ctag0n said:

    This box or the US VIP instance of it is incredibly unstable. I've rebooted it numerous times, assigned myself to other boxes then switched back to sniper, I've regenerated my VPN connection pack, and i'm still having issues with it only staying up for about 1 minute at a time then having to wait another minute or two before it responds to any pings or other network connections.

    Must be the box im on eu and my shell drops constantly i changed vip servers and payloads same thing

  • I'm reinstalling kali to make sure it's not my goofy VM settings.

  • I'm on the final step for root, I've even tried other people's exact solutions after mine has failed to work, but I just can't get it to work :/

    clubby789

    • GCIH
      If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments). And remember to +respect me if I helped you ; )
  • I'm in the US with VIP and haven't had any general problems with the box. I think I made SQL crash once, but aside from that I haven't had any problems aside from my general ineptitude on getting a shell to pop.

    I know my experiences don't mean you aren't having problems, just wanted to throw out there that it might not be the box, or at least it's not a universal issue.

Sign In to comment.