Postman

13233353738

Comments

  • Type your comment> @mach1ne said:

    I would recommend that you scan all ports first, you might also have to install a command line interface tool to interact with one of the services you have found in the initial scan.

    no, i got the service. but I cant figure out how to ket my stuff on there

  • Type your comment> @LMAY75 said:

    Type your comment> @lolokidd said:

    Type your comment> @MonocleHat said:

    (Quote)
    Found both, stuck as well. I've been trying to exploit 'R***' >> BindFailed The address is already in use or unavailable :) But then again, this is my first HTB :)

    U dont need an exploit for it. The server is incredibly misconfigured use that to get what u need

    Good to know, thanks for that :)

  • Can somone DM me with the help with the CVE?
    I got the user and etc, but cannot get the CVE to work. I'm pretty sure I've sorted SSL on it. Not sure what else to do.

  • Type your comment> @Raqune said:

    Type your comment> @mach1ne said:

    I would recommend that you scan all ports first, you might also have to install a command line interface tool to interact with one of the services you have found in the initial scan.

    no, i got the service. but I cant figure out how to ket my stuff on there

    Sometimes you can get inside anonymously. :smile: ss*-key generation tool will come in handy. It is possible to upload 1 type of key inside a database, you use another type of key to authenticate.

    Packetstormsecurity has a great article on remote command execution on r**** service.
    If this is a spoiler, PM I will remove it.

  • Type your comment> @mach1ne said:

    Sometimes you can get inside anonymously. :smile: ss*-key generation tool will come in handy. It is possible to upload 1 type of key inside a database, you use another type of key to authenticate.

    Packetstormsecurity has a great article on remote command execution on r**** service.
    If this is a spoiler, PM I will remove it.

    Thank you for your help. I got it eventually!

  • edited February 25

    [Edited] I tried something else, it worked. User : check.

  • Stuck at the final part to get root.
    "Exploit aborted due to failure: unexpected-reply: Failed to upload file"
    Dont know what im missing, got creds on the web, ssl enabled.
    it whould be appreciated If someone can point me on the right direction.

  • Omg, trying to get to user I got root lol.

    Feel free to PM me for any doubts!

  • First box after taking several months break from HTB. Really enjoyed it. As usual, ping me if you need any help.

    If my comment somehow helped you, you can show your appreciation with a Respect :)
    https://www.hackthebox.eu/home/users/profile/117977

  • When I'm trying to connect with m**t's key I get the error message:
    Load Key "keygoeshere" error in libcrypto.

    Is this a formatting problem?
    J**n was able to read the key properly.
    Any help appreciated.

  • @Quint0r said:

    When I'm trying to connect with m**t's key I get the error message:
    Load Key "keygoeshere" error in libcrypto.

    Is this a formatting problem?
    J**n was able to read the key properly.
    Any help appreciated.

    When you say you are trying to connect as that account, what do you mean?

    I dont think you can connect as the account but you can do something else to switch into it.

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

  • Postman has me stumped. I was able to successfully s** as r**. Then found user M***. Now trying to copy user.txt onto local machine, but I keep getting asked for a password? Am I missing something here? Any hints?
  • edited February 27

    Squeeeeeeeeps.

    if this gives too much away PM me and I'll take it down...

  • I need help
    Warning: identity file id_r*a not accessible: no such file or directory.
    This Asking password
  • edited February 27

    I got a shell on postman. Having and issue downloading the root.txt for the hash. Anybody else having an issue navigating with the python shell?

  • My very first box rooted. Definitely not an easy process.
    Thanks to the community for the amazing support!

  • CSNCSN
    edited February 28
    ̶C̶a̶n̶ ̶a̶n̶y̶o̶n̶e̶ ̶c̶o̶n̶f̶i̶r̶m̶ ̶i̶f̶ ̶t̶h̶e̶r̶e̶'̶s̶ ̶a̶ ̶p̶r̶o̶b̶l̶e̶m̶ ̶w̶i̶t̶h̶ ̶t̶h̶e̶ ̶s̶h̶e̶l̶l̶/̶m̶a̶c̶h̶i̶n̶e̶?̶ ̶I̶'̶v̶e̶ ̶u̶s̶e̶d̶ ̶t̶h̶e̶ ̶u̶s̶e̶r̶ ̶c̶r̶e̶d̶e̶n̶t̶i̶a̶l̶s̶ ̶I̶ ̶f̶o̶u̶n̶d̶ ̶(̶M̶*̶*̶*̶ ̶a̶n̶d̶ ̶c̶*̶*̶*̶*̶*̶*̶*̶*̶*̶*̶8̶)̶ ̶ ̶a̶n̶d̶ ̶u̶s̶i̶n̶g̶ ̶t̶h̶e̶ ̶e̶x̶p̶l̶o̶i̶t̶ ̶o̶n̶ ̶m̶*̶f̶ ̶g̶o̶t̶ ̶i̶n̶.̶ ̶I̶'̶v̶e̶ ̶b̶e̶e̶n̶ ̶u̶n̶a̶b̶l̶e̶ ̶t̶o̶ ̶n̶a̶v̶i̶g̶a̶t̶e̶ ̶d̶i̶r̶e̶c̶t̶o̶r̶i̶e̶s̶ ̶i̶n̶ ̶W̶*̶*̶*̶*̶*̶ ̶a̶n̶d̶ ̶c̶a̶n̶ ̶o̶n̶l̶y̶ ̶s̶e̶e̶ ̶f̶i̶l̶e̶s̶ ̶i̶n̶ ̶t̶h̶e̶ ̶o̶n̶e̶ ̶f̶o̶l̶d̶e̶r̶.̶ ̶c̶d̶ ̶c̶o̶m̶m̶a̶n̶d̶ ̶d̶o̶e̶s̶ ̶n̶o̶t̶ ̶w̶o̶r̶k̶,̶ ̶w̶h̶o̶a̶m̶i̶ ̶s̶h̶o̶w̶s̶ ̶r̶o̶o̶t̶ ̶-̶ ̶b̶u̶t̶ ̶n̶o̶t̶h̶i̶n̶g̶ ̶w̶o̶r̶k̶s̶.̶ ̶C̶a̶n̶ ̶a̶n̶y̶o̶n̶e̶ ̶t̶e̶l̶l̶ ̶m̶e̶ ̶w̶h̶a̶t̶'̶s̶ ̶h̶a̶p̶p̶e̶n̶i̶n̶g̶ ̶h̶e̶r̶e̶?̶ ̶I̶t̶'̶s̶ ̶b̶e̶e̶n̶ ̶t̶h̶i̶s̶ ̶w̶a̶y̶ ̶f̶o̶r̶ ̶m̶o̶r̶e̶ ̶t̶h̶a̶n̶ ̶a̶ ̶d̶a̶y̶ ̶s̶o̶ ̶f̶a̶r̶.̶

    edit: nvm i figured it out. It was right there dunno how i missed it.
  • Just rooted!

    For the ones who stuck after finding M*** and c****8, just think where you can else use this other than UI (for owning user). Think simple.

    I can help without spoiling from PMs as well.

  • Ssh connection time out. ???
  • Finally rooted also this box. The user own was very easy... I had more difficults with the root flag. It's an Easy box all you need is a good enumeration, find all credentials and use It for get the root. The right exploit is the Key from my perspective
  • edited February 28

    Rooted ! nice box thanks to TheCyberGeek

    PM if you want hints

    =======================================================================

    If what i send is helpful please consider clicking the 'give respect' button :-)

  • I am trying to run the r****s exploit, but i get the below error. As a noob, I am unsure of what to do to resolve this..... Help :) Please

    Exploit failed: Errno::EACCES Permission denied @ rb_sysopen - /usr/share/metasploit-framework/data/exploits/r**s/module.c
    [
    ] Exploit completed, but no session was created.

  • Rooted! Thank you @TheCyberGeek, learned a lot about a certain service.
    Foothold: That service isn't supposed to be public-facing...
    User: Enumeration will give you something to use on that other service. Flag will not come until later.
    Root: searchsploit

    PM me if you need any help!

    Hack The Box

  • edited February 29

    Rooted. Almost gave up on getting initial shell. Went through all the hints here and still wasn't searching in the right place for the longest time. Once I got the shell L*****m quickly found the interesting file. After that, escalated straight to root via W****n exploit. Very new at this, so every box a learning experience. Thanks, @TheCyberGeek!

  • edited March 1

    Hey guys, am at what I think is the final part of the box. I got entry shell then user creds for *T. Tried said creds for the high port number logged in and came right there, moved on to M but keep getting a "Exploit failed: Errno::ENOTCONN Transport endpoint is not connected - getpeername(2): error when I try to run the exploit. Have I missed something. this has been going on for a while now. Gentle nudge would be appreciated. P.S. if I have given away to much info here PM me and I will delete.

    EDIT:
    Nevermind, got him! In front of my eyes the whole time as usual! Rooted!

  • I'm stuck trying to figure out how to find usernames on the system. I'm aware of r****-c** and I believe I know the exploit, but It needs a username, and I'm new enough at this where I'm having trouble figuring out how to find it. Any hints?

    jiaxsun

  • Found the webmin password with hydra [10000][http-post-form] host: 10.10.10.160 login: root password: XXXXXXXXXXXXX.

    When I try to login I keep getting this message : Access denied for 10.10.14.X. The host has been blocked because of too many authentication failures.

    help ?

  • whoami
    root
    id
    uid=0(root) gid=0(root) groups=0(root)

    exploit for user was hard to find But root is very easy

  • wow that r****s did a number onme..we keep overwriting eachother lol
    anyway thanks for the box
    all the exploits are cve goodluck
    peaceout

  • Rooted! I really enjoyed this machine!
    User exploit and root exploit are pretty easy to find online.
    Thank you for all the tips!

Sign In to comment.