Obscurity

2456727

Comments

  • I am getting an empty response (no errors, just empty...) from the server when sending the payload to get a shell. Does anyone have a similar problem?

  • which wordlists are u guys using to get to the S****S*****S*****.py file ??
    or should we look for it without scanning too much

  • Type your comment> @c00de said:

    which wordlists are u guys using to get to the S****S*****S*****.py file ??
    or should we look for it without scanning too much

    stay simple, stay common.. Once you choosed the wordlist, Burp, intruder and you will get it!

  • Type your comment> @phat said:

    Type your comment> @c00de said:

    which wordlists are u guys using to get to the S****S*****S*****.py file ??
    or should we look for it without scanning too much

    stay simple, stay common.. Once you choosed the wordlist, Burp, intruder and you will get it!

    i forgot to add the port to the url hahaha

  • edited December 2019

    any hints on how to restore key for user or bruteforce is the only way?

    EDIT: Got user. On my way for root. Bruteforce seems to be the only way to restore a key

  • Rooted the box, but I'm not sure it was an expected way. Can you share how you got root with me, because it was way too easy

  • Hmm pretty much stuck on init foothold, found some corrupted files via source code auditing

  • Rooted.

    Thanks @clubby789 for the box.

  • edited December 2019

    Nice box, I enjoyed getting user.

    Type your comment> @B3LL4T0R said:

    Type your comment> @HumanFlyBzzzz said:

    Yeah i'm stuck afraid to admit. Any hints on initial ? I haven't found anything particularly juicy

    same here, I only know whats on the main webpage and my gobuster scans aren't working

    The first part is pure CTF. Focus on the message in the main page.

    @zkvo said:
    Hmm pretty much stuck on init foothold, found some corrupted files via source code auditing

    Focus on a function you would like to exploit.

    From there, develop your attack.

    Trying it locally might be more helpful.

    twypsy

  • Hey guys, I used the common wordlist with ZAP, but still nothing. Any hints? Also, its suspicious that its looking for a document when any 404 arises...

  • Type your comment> @idomino said:

    :)

    uid=0(root) gid=0(root) groups=0(root)
    

    I enjoyed this very much, thank you @clubby789! But I think misclassified, it's one of the easiest ones currently available.

    This has made me give in "One of the easiest around" ..... as I saunter back to my day job lol

    ”No questions a stupid question”
    <img src="https://www.hackthebox.eu/badge/team/image/1805" alt="Hack The Box">
  • edited December 2019

    Any hint for getting the directory? tried big wordlist on it :/
    tried ffuf too

  • Rooted, nice box.. I just needed to update my Python skills...

    0byte

  • Rooted , here are my hints :

    User : - read carefully the webpage. The next step should be obvious

    • enumerate a little to get user.txt

    Root : -don’t overthink , it’s very simple , some basics Linux privesc....

    You’ll need basics python understanding!

    Good luck

  • R00ted!!! @clubby789 - Excellent job! Fun box.

    I hope these tips are ok and do not veer off into the spoiler realm. I tried to keep them as general as possible, and really these "tips" are just good advice any pentest 101 class will teach, I am just kinda focusing the general advice a bit.

    Foothold - pay attention to how things are working, enumerate. Once you find what you are looking for; It pays to figure out what the code is doing, I went as far as to get things running on my attack box, that way I could dump variables and test locally, once you do that the path forward is super obvious.

    User - A bit tricky, but if you enumerate and find all the files you have access to (again just good basic sense that should be tried every time); you can find some interesting things (not much of a spoiler as the whole point of good enumeration is to find interesting things). You will have to manipulate some of the finds (custom scripts help a lot); if done right... boom you are in.

    Root - pay attention what you have access too, again learn how things are working, and it becomes super obvious... for me root was 100x easier than user (not saying user was super hard, but by comparison)... so if you can pop a user shell; you're almost there.

    I hope this helps, and if you get stuck "try harder". Feel free to PM me. I apologize if I do not get back with you super quick; my life is hectic and between that and popping my own boxes, sometimes the PMs slip pass me. Cheers.

  • Based on the reactions I'm getting maybe I was too harsh when I said "one of the easiest ones currently available", maybe it was just easy for me, as all stages are simply solved by a few lines of python, but I guess I can understand why people are struggling with stock tools.

  • first of all, stop busting, go "path'ing" yourself..

    0byte

  • Rooted.
    Nice box @clubby789 , make more pls :D.

    If you guys need any help, PM me with your progress

    trollzorftw

  • edited December 2019

    Type your comment> @idomino said:

    Based on the reactions I'm getting maybe I was too harsh when I said "one of the easiest ones currently available", maybe it was just easy for me, as all stages are simply solved by a few lines of python, but I guess I can understand why people are struggling with stock tools.

    Well, I can actually agree user was easy. Definitely not a hard one. Everything turns around the snake.

    edit: root is super easy, but nevertheless a good reminder. Wonder if perms are intended way.
    edit: rooted the intended way.

    Thanks @clubby789 for time spent on creation!

  • Type your comment> @v01t4ic said:

    Type your comment> @idomino said:

    Based on the reactions I'm getting maybe I was too harsh when I said "one of the easiest ones currently available", maybe it was just easy for me, as all stages are simply solved by a few lines of python, but I guess I can understand why people are struggling with stock tools.

    Well, I can actually agree user was easy. Definitely not a hard one. Everything turns around the snake.

    yeah, speaking parseltongue is needed for this one

  • edited December 2019

    @idomino said:

    Based on the reactions I'm getting maybe I was too harsh when I said "one of the easiest ones currently available", maybe it was just easy for me, as all stages are simply solved by a few lines of python, but I guess I can understand why people are struggling with stock tools.

    To be honest, I don't give credibility to any comment in HTB regarding the difficulty of a machine, and I might suggest the same to anybody who joined HTB recently. What seems easy now, might not have seemed easy in the past.

    twypsy

  • Type your comment> @idomino said:

    Type your comment> @v01t4ic said:

    Type your comment> @idomino said:

    Based on the reactions I'm getting maybe I was too harsh when I said "one of the easiest ones currently available", maybe it was just easy for me, as all stages are simply solved by a few lines of python, but I guess I can understand why people are struggling with stock tools.

    Well, I can actually agree user was easy. Definitely not a hard one. Everything turns around the snake.

    yeah, speaking parseltongue is needed for this one

    Harry Potter finds this box easy

    trollzorftw

  • edited December 2019

    @clubby789 Great box! Solving it was fun and pleasant experience. Appreciated especially the fact that it required no guesswork.

  • Stuck on fuzzing for the py file, any hints?

  • edited December 2019

    Any hints to find the .py file?
    EDIT:found :)

  • edited December 2019

    rockyou 30

  • This is the most useless box created to be honest; usually I learn a thing or two from at least an easy box, but this........!

  • edited December 2019

    I'm trying with various lists, through the apparent remote h***-****y and directly to the upper port, but nothing :that script can't be found... any hint?

    BadRain

  • Type your comment> @BadRain said:
    > I'm trying with various lists, through the apparent remote h***-****y and directly to the upper port, but nothing :that script can't be found... any hint?

    Same...just...nothing :(
  • Missing something here..
    I found some interesting things early on with burpsuite. I then enumerated a user and 2 text files with wfuzz but can't find the .py file.
    A SMALL nudge would be appreciated.

    GPLO

Sign In to comment.