Postman

191012141538

Comments

  • Type your comment> @choconilla said:

    Can't seem to find w****n or r*** in my enumeration. Can someone PM me? This is only my second box.

    Did you scan all the ports?

  • Type your comment> @Ghost40 said:

    Type your comment> @choconilla said:

    Can't seem to find w****n or r*** in my enumeration. Can someone PM me? This is only my second box.

    Did you scan all the ports?

    Found it......now i feel dumb.

  • thanks rooted!

  • Okay I am have found the r****s and i am running an exploit and need help to see where the stager is being loaded up at...TIA

  • Spoiler Removed

  • can someone PM regarding the param that should be used for the ex****t to get root ? thanks

  • Giving up on this fucking machine. I'm the only one on the box (a reset box)...and the same process that previously got me the shell for all of about 30 seconds yesterday before getting booted off won't happen again...ideal...

  • edited November 2019

    .

  • Rooted, thanks to @bumika and @mvc1009 for the nudges.
    Tips for those still stuck on Root: If you thought you have found the right path, it's probably because you have. And make sure it's YOUR path, as not all publicly available paths will take you straight to your destination.

  • I'm new in the site and it's my first machine. I've found the r**** and the w***** but can't find how to follow cause exploits on m********** don't work.
    Appreciate any help thanks.

  • Rooted, thanks to @bumika and @mvc1009 for the nudges.
    Tips for those still stuck on Root: If you thought you have found the right path, it's probably because you have. And make sure it's YOUR path, as not all publicly available paths will take you straight to your destination.

    couldn't have said it better myself, always check your code and make sure it works for YOU

  • the user has a D* in ssh config. can someone please tell me how to get around that?

  • I found r***s and tried the suiting metasploit module. its not working for me... Can someone PM me to confirm that its is not postman acting up?

  • Can someone please nudge me on how to bypass ss* De*** config for the user?

  • Only real problem I had was that initial foothold apparently was in the wrong path, once I found the path where I could do the commands it was no major problems at all (except some typos on my part).. got root before user, thanks to the gathered credentials and remembering the first thing I found and looked at but couldn't access. overall, pretty easy box as long as you take your time with google and basic user enumeration.

    Hack The Box

  • cant even netcat that thing on port 6379...

  • ROOTED! I thoroughly enjoyed it.
    PM for a nudge

  • edited November 2019

    Did something change? I needed to restart but the directories in r***s appeared to change. I cannot create the ssh folder anymore :( or edit the config directories

    edit: never mind I had to change to the previous directory.

  • edited November 2019

    I have shell now what? any tips?

  • managed to find some ports, now looking at exploits... I think I'm on the right track looking at R***s and W****n exploits, and I in the right track? maybe need some advice getting stuck on exploit

  • edited November 2019

    Someone just put a password on the account r___s. I cannot use the s__ exploit for the first shell anymore...

    EDIT : It's working again !

  • Type your comment> @Franna said:

    Can someone please nudge me on how to bypass ss* De*** config for the user?

    if your already in terminal on r**** how do you switch users without starting a new connection?

    i never did look at ssh config can you tell me what the De*** is and does?
    got root the other day if anyone needs help let me know! (:

  • Type your comment> @ananb said:

    Type your comment> @Franna said:

    Can someone please nudge me on how to bypass ss* De*** config for the user?

    if your already in terminal on r**** how do you switch users without starting a new connection?

    i never did look at ssh config can you tell me what the De*** is and does?
    got root the other day if anyone needs help let me know! (:

    I wouldnt mind some help... Noob trying first pop :-)... got as far as figuring out that R***s is possibly the way in ... got some sort of connection to it, but stuck

  • *Spoiler Removed*
  • rooted!! wooo! this was my first box on HTB, and if this was "easy" i have a lot to learn >.>
    thanks to all for the hints along the way!

  • Rooted! finally after 2 days lol thank you @JackWH @JadeWolf @MrW0l05zyn @mvc1009 @N0tAC0p and @halisha for all the help

  • Rooted for me too ! Very pleasant to do !

    Thanks for people who put some hints !

  • edited November 2019

    Managed to get low priv shell a few days ago but can't find a way to user :(
    I've found the i*****.**k, got the password with john but when i try to connect with ssh it closes the connection
    Any nudge?

  • I'm frustratingly close to root I think. Have user and am trying to attack that "other" web application but it's just timing out.. I think there is a horde of people brute forcing it? 😂😣

  • Type your comment> @Dark0 said:

    There is a very good book called: Kali Linux - An Ethical Hacker's Cookbook is Great, good luck guys

    After get inform nmap and search keyword from this book it's very useful. Thank you

Sign In to comment.