Подсказка
user: ищите скрипт на r***s немножко подправите и получите шелл. и поищите файлик который вам поможет. его нужно расшифровать и просто потом пишем su от пользователе и вводим пароль и получаем user.txt
root: ищем эксплойт и запускаем msf и там просто вводим полученные все данные и вуаля root.
Ok, I got user. I think the problem I had was I was trying to do the box while others were on the box at the same time. It’s really frustrating but I tried. Thanks to the people giving out clues on this forum. It really helped. I going to now read hints to root and try to root it.
Hey guys, just got user access, trying to use a m**** module on w***n but i'm getting a "cookie error" and "no session was created". Am i on the right way ? I don't mind some hints nvm, got it working. hint for this error: don't forget ssl like i did..
Hi,
I think Ive got a different pass for the user from john... from previous replies I see others have it as c..........8 but I got something totally different.
Any chance someone can point me in the right direction of where Ive gone wrong?
urrgh, spent longer than I wanted on user as Ive not had much experience with r***s... root was so much easier.
Rooted! A big thanks to @ascannerdarkly@n1njaaa@Wh0aMn1c0 for the tips. Learned about r****. The root was fairly simple with the use of m********* and a CVE. Can anyone PM me how to do it manually?
i have used every information gathering tools but i cant find anything intresting, i m new in hackthebox.. if you can help me then pls do share your ideas
Been bangin my head against this box all day, could use a nudge if someone wouldn't mind.
I've gotten the been using what I think is the right exploit but cant seem to get it to work correctly.
Been bangin my head against this box all day, could use a nudge if someone wouldn't mind.
I've gotten the been using what I think is the right exploit but cant seem to get it to work correctly.
I hope this isnt too much, but to get initial shell I found a script that I had to change for the user. Think about where you will land based on what you can enumerate using Re*-i. Then update the script to match what you find.
So, to get root after you have M*** do you have to exploit W**** and the pa******_c***** to change the pass?
I'm self learning pen testing and honestly lol user wasn't that bad but I'm totally lost even with the hints. A lot of CVE out there but most don't work because something isn't installed and or I'm just hitting the wrong targets maybe?
new to HTB and need a hint or nudge on what to do with r****-c** exploit. I read up on documentation and have been trying to understand the r**** exploit but I can't seem to get a s** sh*** or any k** to work for me. IF anyone has helpful nudges or tips for a newbie please pm or comment!
This was my first box. Ended up doing the r****-c** stuff manually, so there was a lot of interesting things to learn there. I had a ton of issues getting root the easy way... but it all boiled down to a typo on my part.
Well that was interesting! I guess the first time I got into the machine someone had already exploited the r**** so it was a walk in the park lol. It got reset and I got to educate myself on fixing that little problem :P lol but still stuck between User / Root.
Ok, I got user. I think the problem I had was I was trying to do the box while others were on the box at the same time. It’s really frustrating but I tried. Thanks to the people giving out clues on this forum. It really helped. I going to now read hints to root and try to root it.
i have got a user shell but i don't know how to get user flag.. i am trying a lot what should i do..
Comments
any tips for getting foothold?
Type your comment> @coolZero1473 said:
Any hints for root
получен root)))
Подсказка
user: ищите скрипт на r***s немножко подправите и получите шелл. и поищите файлик который вам поможет. его нужно расшифровать и просто потом пишем su от пользователе и вводим пароль и получаем user.txt
root: ищем эксплойт и запускаем msf и там просто вводим полученные все данные и вуаля root.
Хорошая коробка. Спасибо
Type your comment> @Yannis said:
rxxxs-xxi -h host -x set test < etc passwd
rxxxs-xxi -h hosts getrange test 0 50000
you will get the contents of the file
Ok, I got user. I think the problem I had was I was trying to do the box while others were on the box at the same time. It’s really frustrating but I tried. Thanks to the people giving out clues on this forum. It really helped. I going to now read hints to root and try to root it.
Type your comment> @IoCyber said:
Rooted my first box
I definitely learned a lot from this box.
Thanks to all people who posted clues.
Hey guys, just got user access, trying to use a m**** module on w***n but i'm getting a "cookie error" and "no session was created". Am i on the right way ? I don't mind some hints
nvm, got it working. hint for this error: don't forget ssl like i did..
ROOTED !
pm me for hints/nudges
Hi,
I think Ive got a different pass for the user from john... from previous replies I see others have it as c..........8 but I got something totally different.
Any chance someone can point me in the right direction of where Ive gone wrong?
urrgh, spent longer than I wanted on user as Ive not had much experience with r***s... root was so much easier.
Hey Guys,
I am rooted!! But, with metasploit.
Is there any way to do it manually? I don't want to use any Metasploit.
Cause, its not allowed in OSCP:(
Rooted! A big thanks to @ascannerdarkly @n1njaaa @Wh0aMn1c0 for the tips. Learned about r****. The root was fairly simple with the use of m********* and a CVE. Can anyone PM me how to do it manually?
Great box.
Gods make rules. They don't follow them
Type your comment> @clubby789 said:
i have used every information gathering tools but i cant find anything intresting, i m new in hackthebox.. if you can help me then pls do share your ideas
i have got a login page now what can i do to find the user
rooted, once I'd got a foothold and some interesting files, it was easier to get root first.
Type your comment> @Yannis said:
Good question , i am trying figure out
removed
removed
So I have user and have valid creds for W***** but when trying to use msmodules they never get me a shell amd I missing something?
Been bangin my head against this box all day, could use a nudge if someone wouldn't mind.
I've gotten the been using what I think is the right exploit but cant seem to get it to work correctly.
Type your comment> @SolAngelus said:
I hope this isnt too much, but to get initial shell I found a script that I had to change for the user. Think about where you will land based on what you can enumerate using Re*-i. Then update the script to match what you find.
I hope that helps
For msmodule and root is there anything special that needs to be done or just update user/password and vh***?
So, to get root after you have M*** do you have to exploit W**** and the pa******_c***** to change the pass?
I'm self learning pen testing and honestly lol user wasn't that bad but I'm totally lost even with the hints. A lot of CVE out there but most don't work because something isn't installed and or I'm just hitting the wrong targets maybe?
Pm with a tip?
new to HTB and need a hint or nudge on what to do with r****-c** exploit. I read up on documentation and have been trying to understand the r**** exploit but I can't seem to get a s** sh*** or any k** to work for me. IF anyone has helpful nudges or tips for a newbie please pm or comment!
This was my first box. Ended up doing the r****-c** stuff manually, so there was a lot of interesting things to learn there.
I had a ton of issues getting root the easy way... but it all boiled down to a typo on my part.
Well that was interesting! I guess the first time I got into the machine someone had already exploited the r**** so it was a walk in the park lol. It got reset and I got to educate myself on fixing that little problem :P lol but still stuck between User / Root.
!!!
[email protected]:~# id
uid=0(root) gid=0(root) groups=0(root)
First live one. Thanks for the hints everyone!
rooted! what a fun box. Thanks to people for hints. Really enjoyed this box.
Type your comment> @popcorn said:
Type your comment> @clubby789 said:
i have got a user shell, i am trying a lot to find a user flag but i cant what should i focus on ... if anyone can help me pls help me