Traverxec

1568101145

Comments

  • edited November 2019

    @B374 said:
    Why I'm getting kicked from ssh when connecting with user david?

    Broadcast message from [email protected] (somewhere) (Mon Nov 18 14:49:50 2019):

    double edged

    Those creds aren't for SSH

    Discord: Ursa#1337

    Ursa

  • Type your comment> @Huejash0le said:

    omg port 80 closed on VIP 15. Please fix, Thank you!

    Edit: spent like an hour trying to find an SSH exploit. Lol FYI port 80 is not supposed to be closed.

    I had to switch to EU VIP and could see port 80 open.

  • edited November 2019

    Comment Deleted

    • OSCP -
  • Can someone pm on root please. I see the file, I see the way to root, however everything I try just results in a normal shell not a root shell.

  • Good box with some easy and interesting stuff to explore, even though the connectivity was not stable

  • Rooted ! Fun box. It seems that you can stare blind and focus on 1 particular thing or command. After rooting this one i felt so stupid. :)

    DM me if you need a little nudge

    Hack The Box

  • Interesting box

    Foothold: CVE

    User: Think logically, hard to explain what I mean by this without spoiling. Once you've read the file everyone is talking about, go back to the home dir, what permissions exist? Something is odd. How can you be in another directory but can't view contents ? Mess around in there and refer back to the "file" and keep thinking and experimenting is all I can say. Even this is probs going to be removed might be too much spoils

    Root : IDK why people are saying to minimise the screen xD You can keep a full sized screen just understand what is going on exactly on that thing you've found. Understand it phrase by phrase, command by command, the GTFObin reference will help you understand why people are emphasising the word "LESS" - and from there, keep doing more logical thinking and experiment, you'll get it. I got it by mistake lmao it was a test run and ended up being the thing that worked

    Hack The Box

  • Rooted, fun box @jkr !!

  • A great box jkr, thank you!

    As i am always having my terminal at about 1/4th of my screen i didnt experience the reason for which everyone said to not have maximized terminal.
    If any1 could explain why it happens in a dm i would really appreciate it!

  • edited November 2019

    Finally rooted this box !
    I spent many hours working on this machine over nothing literally :
    Port 80 wasn't working at the begging and i thought it was intended to be closed and was really pissed when i switched server and it took me like 15 min to drop a shell
    User is challenging a bit but over all worth it
    Root was a big journey too the intended way should have worked but it didnt get me as it should .. and as i figured out later that the server has issues too ! need to change my shell multiple times to finnaly get it done
    Over all this box is great if all works as they should be !
    hints only for user : don't go out to the public staying at home is always sweet ;)
    Any how big thanks to @jkr for this awesome box

  • I am completely lost in regards to even getting the user flag, no clue where to go or what to do. A nudge would be appreciated.

  • Just rooted my first Linux box. Thanks @D3Fix , @t0thkr1s , @rholas . I learned a lot from this box thanks @jkr!

    GCIH

  • Just got [email protected]:

    Nice box! I learnt a lot.

    If need help u can send me pm!

    noi

  • Well thats that.. I always feel sad when I finish them...

    id

    uid=0(root) gid=0(root) groups=0(root)

    Hack The Box

  • First box rooted! Was a lot of fun, wrote down all the steps for my own knowledge as well. If anyone needs help feel free to PM.

    It really made me slap my head when I found how simple it was! Tricky but simple in the end. The hardest part of the box was the user flag enumeration, the answer came to me at work today and it took forever to get home to do it.

    Hack The Box

  • I'm stuck on user d***d. Can anyone help me? PM.. please!

  • rooted. I really enjoyed this one. Getting user was pretty hard for me, but if you follow the other advice in this thread you can get there

    root: Unless you've seen this trick before you are fucked imo (unless there is another way to do it, in which case someone please DM me), no idea how you'd ever figure this out without being shown. I learned it by doing all the bandit challenges on overthewire, and that was the only one I had to cheat and lookup a walkthrough for, and im glad I did, cuz I'd still be sitting there trying to figure it out, heh.

    Hilbert

  • Oh God..! Got USER.. but root is hurting... Man any tips?!! lol I have read about the 'tiny' things etc. But cannot get it to bloody work. haha I need help. I cannot do everything alone. :)

  • User : Irritate , Some thing you know but unthinkable. When you know you will Laugh
    Root : In front of you

    Arrexel

  • Thanks @jkr for the fun box

  • Hi, I have got the hashed credential and found the hidden keys in the hidden folder but still can't get in as its asking for passphrase ..is there another credential ?

  • I found d**** credentials, but john and hashcat doesn't work for me, any help? PM please!

  • Type your comment> @chiefgreek said:

    Hi, I have got the hashed credential and found the hidden keys in the hidden folder but still can't get in as its asking for passphrase ..is there another credential ?

    No, you need to crack key to obtain passphrase

  • edited November 2019

    I swear, if I read the man page and the file another time without understanding where is the caveat!

    Enjyoing the frustration though, thanks @jkr

    Edit: rooted, I liked this box, very CTF-esque.

    Elio

  • rooted.Great box! Thx

    joelblack

  • edited November 2019

    Rooted, crazy machine.
    My hint for root:
    If your command doesn't work, try this command in another terminal(not Kali terminal)
    Thanks for the hint @rholas @bertalting @htbmar

  • # id
    uid=0(root) gid=0(root) groups=0(root)
    

    The way to get root made me feel real stupid, took me way to long. I don't understand the name tho, anyone care to PM me an explanation?

    PM if you need any assistance.

    CEH | Red Team

  • Need some help for the user. In brief, I got the creds, played around with c*** file and accessed the user's home folder over URI. I noticed that the home folder has some strange permissions too. PM please

  • Whoop! Just finished this machine! Enumeration is key, once again, to get the foorhold, and then Kali has all the tools you need to get from foothold -> user -> root!

    Feel free to pm for help!

    SIG

  • Finally got root :)
    thx @ PlayerThree and 0X44696F21

Sign In to comment.