Control

Let's start the discussion about this box here!

trollzorftw

ยซ134

Comments

  • No spoilers!

  • Spotted something interesting, looking for a way to make enum scripts work

    clubby789

    • GCIH
      If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments). And remember to +respect me if I helped you ; )
  • Got creds but kinda stuck after that...

    trollzorftw

  • Got user. But not quick enough.

    image

  • This root is a doozy

  • edited November 23

    edit: (never mind)

  • edited November 24

    Type your comment> @trollzorftw said:

    Got creds but kinda stuck after that...

    you and me both XD

    edit: got user :) but it's crazy how root is not yet taken :D not promising :D

    Hack The Box

  • OH YEAH LET'S DO THIS!

  • edited November 24

    5hrs in still no root. Everything is access denied

    trollzorftw

  • edited November 24

    .

    image

  • this is insane box not hard, not rooted till now :(

    N3v3r Giv3Up, 3v3ry th!ng !s p0ss!ble .

  • User was extremely esay - for root i have no idea
    i get access denied on everything im trying to enumerate - so far found out only the OS Version and its not exploitable through kernel stuff - so only manual exploit - I found a lead but it lead me to nothing since im lacking a "key"

    anyone has an idea ? this box is almost vanilla install - hard to exploit such a thing...
    @TRX a tip in private chat would be nice

  • edited November 24

    check source and header for answer

  • Still no root own? XD insane

  • Type your comment> @rholas said:

    initial foothold brute force with wf*** ?

    Nope, try finding your way in manually

    trollzorftw

  • What proxy?

  • I guess the only possible ways to proxy is within the vpn network..

    0byte

  • Im so lost on root ๐Ÿคฃ nothing to go on...

  • Got a couple of creds and read access, but nowhere to use them.

    clubby789

    • GCIH
      If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments). And remember to +respect me if I helped you ; )
  • edited November 24

    Would be nice if TRX could confirm that the machines that are currently running (not the PoC/the machine you send in) are working correctly and that we can get root/admin.

    I guess "something" can't be started, maybe because of different virtualization platforms ?

    image

  • got user easily. now even fear to begin for root :)

  • Same. I enumerated everything in my power as User....but nothing special running and couldnt find any attack-surface at all. I will stand back until we got confirmation the machine is vulnerable.
  • ๐Ÿ˜‚๐Ÿ˜‚๐Ÿ˜‚๐Ÿ˜‚ lolz

  • Type your comment> @nav1n said:
    > (Image)

    This xD
  • I must say that user was super fun!
    Hint from @rholas should give you enough for initial foothold.

  • Still nobody rooted this? This is really strange, @TRX are you sure the box is coming up as you intended it should?

    Hack The Box

  • The machine is running as intended. I tested it earlier today. It is rootable.

  • edited November 24

    get user.txt

    PM for help to user

    Hack The Box

  • Type your comment> @TRX said:

    The machine is running as intended. I tested it earlier today. It is rootable.

    wow, ok, thanks for the confirmation!

    Hack The Box

Sign In to comment.