Registry

Comments

  • Anyone message me how I can get a shell.. I'm stuck in dirb....

    • Rooted. Thanks to the creator of the box. @thek
  • edited October 2019

    Rooted, very fun box.

    The user part is very fun; this forum has enough hints.
    Root part: take your time to understand what you can do.

    We can get root by 2 methods.
    Very easy, and hard but not much.

    The manual document is your best friend.

    Trick: the root shell has a little bug, just look carefully.

    Arrexel

  • Rooted.

    First hard box. I guess i did root it the intended way? It seemed like it, can someone pm me what the other method is? Just curious.

    For user, much thanks to @backslasht for the hint :)

    A little CTF like, but had fun all the way! Thanks @thek ! :)

  • Could someone give me a nudge? I have found a hash inside a file, but struggling to find the salt that corresponds to the hash. Is that even the right way?

  • @idomino said:

    Could someone give me a nudge? I have found a hash inside a file, but struggling to find the salt that corresponds to the hash. Is that even the right way?

    I got the plain text from it, but to be honest with you, I just wasted time there. You can own the machine without using B***t.

  • edited October 2019

    I can't really get a hold of this machine, I found some dirs, a domain (with d****r), and a web app but I'm clueless as to how to proceed further.

    EDIT:
    Managed to get a cert file. Needing a key (i think).

    Vex20k

  • Can anyone pm me a hint for root. Tons of enumeration but not seeing it.

  • Did the box just get patched?? The way I did root does not work anymore. But that was the fun part :(

  • @thek

    Very nice box mate!
    I liked the intended way.

    @minimal0
    Yes, the box got patched.

  • Hi, I would appreciate hint for root :), Thanks

  • Stupid question: for user, when I have downloaded all the ingredients (manually) for my cake, is it possible to get the combined cake without installing the cake-making-application (and re-downloading), or can I do it manually?

  • Patched? Not cool. That means I rooted it in two unintended ways. I'm too tired now, tomorrow I will try a third time, damn it.

  • sure. can definitely do it manually all in one unpacking command.
    everything will unravel into your working dir. hopefully.

  • edited October 2019

    hmmm.. got in last night as b**t user, but when I reset the box today and SSH'd in as user b**t, a certain s**o command was gone.. I guess that's the patch people are talking about?

  • Yes sudo doesn't work anymore stuck at privesc .....

  • edited October 2019

    root is pretty cool.
    Gotta dig into the documentation for this one.
    (Edit: Looks like it's not the intended way but..pretty close :))

  • Finally got user, in retrospect it is stupidly simple, just got deep down to a rabbit hole...
    Now onto root :)

  • I got user within the hour of the box but didn't get any further before the patch came hehe.

    i enjoyed the last part (:

    -All hail the Potato-

  • Could someone give me a nudge on root, the possible paths not working for me.

  • Z0d
    edited October 2019

    The funny thing is I can "id" and "whoami" as root and some other capabilities as well, but not an actual root on the whole system!!

  • @Z0d said:

    The funny thing is I can "id" and "whoami" as root and some other capabilities as well, but not an actual root on the whole system!!

    yep! same thing for me with that privesc thing.. but reading previous comments it seems to me that there's also another way to root (exploiting the r****c tool)

  • Just rooted!
    An amazing box that taught me a lot of new things I didn't even know about!
    Special thanks to @polarbearer for his patience and help xD
    Also a big thanks to @thek for this amazing box :)

  • @DaChef, I am so glad that you like it. Thx man ;)

  • The machine has been updated, and they have patched things.

  • WoW, really cool box, thanks @thek
    Just because I've almost shouted to the screen when I got root, I will try to give some meaningful advice:

    user: just do normal enumeration until you find the API of a very popular tool used in devops, enumerate that new service, make a local copy and then enumerate again once you are inside; from there you should get an ssh account to the box that will give you user

    root: the fun begins here mate. I will only talk about the hard privesc since it's the only one left at the moment. Enumerate EVERYTHING as if it was the first time on the box; you might get too focused on 1 file as I did, but you will find out that you cannot exploit it directly, so ENUMERATE MORE until you find some creds, then exploit the service that the creds are for. Finally you will have a shell for a user that will be able to exploit the last thing to get root (the 1 file I was telling you about), so set up your local thing and get your god damn fucking root.txt

    Let's go mates, have fun.

  • edited October 2019

    Fantastic box. Root I thought was frustrating at first, until I read things correctly. Did notice some changes over the past 24 hours that affected a few things, but got there all the same.

    If you're stuck, hit me up; will do my best, and back online in 8 hours' time :D

  • edited October 2019

    I was really enjoying this box until I got user and started moving towards root, and then I discovered all the little measures designed to just annoy me in my quest rather than serve any legitimate security purpose. User was interesting and informative, but root is turning out to be extremely annoying for really no reason at all.

  • Any help for root? I have a shell.

    azeroth
