Type your comment> @Wofulprawn said:
> Hello!
> This is the first box I'd love a nudge. I got a working shell using the r****, managed to find the M*** user and his i*****.bak but I have no idea how to use it.
>
> Any help would be appreciated!
Google the file name. It will give you a hint. If you did that, you can ask J*** for help. But watch out: the file need to be prepared before you can ask J*** for an answer. Pm me if you want another nudge.
Finally rooted this one, bit annoyed SSL made the difference between something working and something not working. i would have had the box a lot sooner if i'd known that.
You guys were not kidding when you said user was harder than root. I really want to kick myself for taking so long on it. It was so simple but I kept getting in the way. I would really appreciate if someone could help me understand a bit more about the root exploit or if someone could point me in the right direction. Many more boxes to pwn. Much appreciation to @trollzorftw and @zaBogdan for being patient and helpful.
I did all, once, but it took so much time that after that i did some --top-ports with fairly high numbers, still, i see 3 ports, even did some UDP ones...
I seem to understand that i'm gonna have to rescan all 65k again, preferably with a VIP subscription, in order to get reliable results ?!
I did all, once, but it took so much time that after that i did some --top-ports with fairly high numbers, still, i see 3 ports, even did some UDP ones...
I seem to understand that i'm gonna have to rescan all 65k again, preferably with a VIP subscription, in order to get reliable results ?!
I have free access and usually can execute full TCP port scan in "acceptable" amount of time. If this host reacts very slow, you can run separated port scans: e.g. "-p 1-10000", then - if it is needed - "-p 10001-20000" and so on.
I have a question. I have add p***** k*y to r***s already, but still required from me p******d. I used correct flag for **h *i , someone has same problem??
I try to get the sheel but I always get timout connection.
I try the 3 R***s exploit Ive found but nothing work. I know I need to modify the script but I dont know where to start.
Can I have a nudge pleas!
Rooted! Learned a very valuable lesson with this one: Don't overlook the obvious!
Hints:
Foothold: Thorough scan. Don't skip anything. Investigate everything! Something will stand out. Research and you'll find plenty of resources to and even something juicy to use. Make your adjustments based on what you've found so far and you're in.
User: Enumerate. A popular script can help. You'll know what to do once you find the loot. You won't have to look far. Now think what you could do with it. Use it where you think it should work.
Root: You should have come across this in your initial investigation, except you were missing something then, which you now have. Try it!
Attempting this Box but not sure why but there are a lot of resets being issued on this box...
Reading this forum it seems like some of the config files keeps changing?
Just trying to understand why all the resets are happening (very frustrating when enumerating)
I should be able to connect (found the i.b file and used some tools on it) but when I connect I receive a connection closed by host on port 2*. I'm fairly sure this should work. Anyone knows what I can do?
I should be able to connect (found the i.b file and used some tools on it) but when I connect I receive a connection closed by host on port 2*. I'm fairly sure this should work. Anyone knows what I can do?
Yes, I know. Check the content of s**d_c***** on the host.
I should be able to connect (found the i.b file and used some tools on it) but when I connect I receive a connection closed by host on port 2*. I'm fairly sure this should work. Anyone knows what I can do?
Yes, I know. Check the content of s**d_c***** on the host.
I'm a bit confused and stuck on getting the initial foothold. From reading the messages, I've gathered that I need to manually edit an exploit script to make it work. Should I be looking at the r****_u*****_e*** and using that?
Comments
> Hello!
> This is the first box I'd love a nudge. I got a working shell using the r****, managed to find the M*** user and his i*****.bak but I have no idea how to use it.
>
> Any help would be appreciated!
Google the file name. It will give you a hint. If you did that, you can ask J*** for help. But watch out: the file need to be prepared before you can ask J*** for an answer. Pm me if you want another nudge.
got root on this machine thanks to @Nexe @lesleybw @fearlessmcp @terty @N0tAC0p
pm me if you guys need help
logged into w****n console as M***. But can't run any exploit without error.
Please help!!
Type your comment> @SPYer said:
After login you can check which "modules" are enabled on w****n. Then you can find a proper exploit.
rooted!!
got to learn few things
User and root, my first box done.
Finally rooted this one, bit annoyed SSL made the difference between something working and something not working. i would have had the box a lot sooner if i'd known that.
Enjoyed learning about a new service.
Thanks @TheCyberGeek for the challenge.
Hints on the forum are enough to root, some great tips on here.
Root Dance!!!
Thanks @TheCyberGeek !!! I learned a lot. If you need a nudge, PM me.
Rags
Long break and got root in no time!
Thanks @ganter799 for the nudge! Very helpful.
Very good practice and learned a lot about things I haven't encountered yet.
You guys were not kidding when you said user was harder than root. I really want to kick myself for taking so long on it. It was so simple but I kept getting in the way. I would really appreciate if someone could help me understand a bit more about the root exploit or if someone could point me in the right direction. Many more boxes to pwn. Much appreciation to @trollzorftw and @zaBogdan for being patient and helpful.
I scanned with two different tools, different types of scan, and none shows me that r**** thing as being open...
eCPPT | OSCP
Type your comment> @lebutter said:
Did you scan top ports or all ports?
I did all, once, but it took so much time that after that i did some --top-ports with fairly high numbers, still, i see 3 ports, even did some UDP ones...
I seem to understand that i'm gonna have to rescan all 65k again, preferably with a VIP subscription, in order to get reliable results ?!
eCPPT | OSCP
Type your comment> @lebutter said:
I have free access and usually can execute full TCP port scan in "acceptable" amount of time. If this host reacts very slow, you can run separated port scans: e.g. "-p 1-10000", then - if it is needed - "-p 10001-20000" and so on.
Can any body help me i getting this error while running a ruby script
Traceback (most recent call last):
47**0.rb:6:in `
Hello Guys
I have a question. I have add p***** k*y to r***s already, but still required from me p******d. I used correct flag for **h *i , someone has same problem??
Hello guys. pretty new to htb,
I try to get the sheel but I always get timout connection.
I try the 3 R***s exploit Ive found but nothing work. I know I need to modify the script but I dont know where to start.
Can I have a nudge pleas!
Rooted the box! Much appreciation to @SeqHaq, @Kkaz, and @PrivacyMonk3y for being patient and helping me out!
Rooted! Learned a very valuable lesson with this one: Don't overlook the obvious!
Hints:
Foothold: Thorough scan. Don't skip anything. Investigate everything! Something will stand out. Research and you'll find plenty of resources to and even something juicy to use. Make your adjustments based on what you've found so far and you're in.
User: Enumerate. A popular script can help. You'll know what to do once you find the loot. You won't have to look far. Now think what you could do with it. Use it where you think it should work.
Root: You should have come across this in your initial investigation, except you were missing something then, which you now have. Try it!
Thanks to @TheCyberGeek. Enjoyed this one.
Attempting this Box but not sure why but there are a lot of resets being issued on this box...
Reading this forum it seems like some of the config files keeps changing?
Just trying to understand why all the resets are happening (very frustrating when enumerating)
Always happy to help others. 100% human
https://www.mindfueldaily.com/livewell/thank-you/
I should be able to connect (found the i.b file and used some tools on it) but when I connect I receive a connection closed by host on port 2*. I'm fairly sure this should work. Anyone knows what I can do?
Type your comment> @Kimble said:
Yes, I know. Check the content of s**d_c***** on the host.
Type your comment> @bumika said:
Got it, thanks!
got it
Spoiler Removed
anyone else having the system.exec error when choosing interactive shell?
¿How can I make the r**** exploit to work if there is no command module... or load???
Got it! Thank very much to @Aireply for help!
Rlly nice and very sympathetic man
I'm a bit confused and stuck on getting the initial foothold. From reading the messages, I've gathered that I need to manually edit an exploit script to make it work. Should I be looking at the r****_u*****_e*** and using that?