Oouch

1235»

Comments

  • the user parts drive me insane. it so damn hard but now i understand more about CF and SF attack.

  • User was good. Had trouble getting the token using repeater, had to use curl instead. Getting root drove me insane. I need work on enumerating and Priv Esc. Great machine.

    Hack The Box

  • What can I say?

    OUCH

  • edited May 2020
    [email protected]:/root# id
    id
    uid=0(root) gid=0(root) groups=0(root)
    Thanks for the wonderful machine @qtc

    What a machine? A wonderful journey upto root.
    For User: Documentations are your friends.
    For Lateral Movement: It is possible that a whale and a spider can be friends.
    For Root: The one you tried in lateral movement will work now.

    Always happy to help. PM for only hints.

    A Chemist doing Penetration Testing - Check the Story here: BinaryBiceps

  • [email protected]:~# whoami && id && hostname && wc root.txt
    root
    uid=0(root) gid=0(root) groups=0(root)
    oouch
    1 1 33 root.txt
    [email protected]:~#

    this machine is not hard but it's REALLY INSANE. rooted :)

  • Wow, that box was badass. Thank you @qtc cost me some nerve ;)

  • Insane

    Absolutely insane, thanks @qtc.

  • edited May 2020

    Guys I got the private key but I am getting invalid format
    Any one can help at this point?

    ----Never mind, I got it

  • I'm doing WAPTX and there's some O**** in it, so i thought i'd give a go at that box. I've been trying to play around with the various requests and i think i know how to exploit it but it doesn't work and i'd like some guidance to at least know whether i'm trying to do the right thing or just hitting a wall...

    lebutter
    eCPPT | OSCP

  • edited June 2020

    So I've managed to get to the point where I can successfully get an ac**** t**** and execute /a**/g**_u***... is this a rabbit hole?

    I can't figure out how it would actually help me... not sure where to go from here :(

    Edit: Got User.... wow, that was amazing. Awesome box so far.

    Rooted. Wow. That was pretty insane.

    Hack The Box

  • So, my last comment was from June2nd and i only rooted it lol...
    I took a few breaks and did it in stages, and had to learn a lot on topics i didn't know of, like the whale... even if eventually not much was needed.
    Can't wait to see the 8h walkthrough video for that one.

    lebutter
    eCPPT | OSCP

  • edited June 2020

    I'm a bit confused of how to set up the attack for initial access.

    I know that there is a simulated user that "interacts" with what is passed into the c****** page. I can create a profile for myself on both the normal application and the hidden o**** application. Does the user do more than just click, is there a way I can trick it into performing a P*** request instead of just G**? Could someone DM me to nudge me in the right direction?

    EDIT: Figured that part out...the normal flow must be "paused" and then finished by another
    EDIT2: Finally have user...this box requires learning so much. Feel free to DM me for nudges up to that point :)

    Adnanthekhan

  • i cant access to the c*****er.oo**h.hb’s server IP address could not be found.
    Try:

    Checking the proxy, firewall, and DNS configuration
    anyone also have same problem

  • Rooted ....
    This machine was insane ...
    Feel free to get Nudges from me
    Pm me for nudges

  • edited July 2020

    Anyone has an idea why the SSH key of q doesn't work ?
    I made the changes needed, and still having an error "Load key "id_rsa": invalid format."
    Kind of frustrating...

    'These violent delights have violent ends'

  • Type your comment> @Caracal said:

    Anyone has an idea why the SSH key of q doesn't work ?
    I made the changes needed, and still having an error "Load key "id_rsa": invalid format."
    Kind of frustrating...

    You have copy&paste errors. The key works.

    k4wld
    Discord: k4wld#5627

  • @k4wld said:
    Type your comment> @Caracal said:

    Anyone has an idea why the SSH key of q doesn't work ?
    I made the changes needed, and still having an error "Load key "id_rsa": invalid format."
    Kind of frustrating...

    You have copy&paste errors. The key works.

    Seems to be the text editor the problem...
    The SSH key worked like u said.

    'These violent delights have violent ends'

  • Type your comment> @aswathamasam said:

    i cant access to the c*****er.oo**h.hb’s server IP address could not be found.
    Try:

    Checking the proxy, firewall, and DNS configuration
    anyone also have same problem

    HTB machines obviously are not in the DNS. What other way could you use to resolve hostname to an IP address?

    sparrow1

  • When I use a************.oouch.htb (The Simple and Secure...) I always get an error:
    Please enter a correct username and password. Note that both fields may be case-sensitive.
    Of course I created an account and I am sure my username and password are correct. There are often 500 server error, but when I was registering user it went alright. I wonder if I miss something or the machine is that unstable?

    sparrow1

  • edited July 2020

    Rooted need hints ? Msg me

    Arrexel

    First tell me your problem and if you like my help give +1

  • always get an error:
    db[115]: arguments to db_message_new_method_call() were incorrect, assertion "_dbcheck_is_valid**** (****)" failed in file ././/dbus/dbus-m*ss*ge.c line 1366.
    This is normally a bug in some application using the D-Bus library.

    D-Bus not built with -rdynamic so unable to print a backtrace
    bash: [112: 3 (255)] tcsetattr: Inappropriate ioctl for device

    Why, I was about to collapse in the last step.

Sign In to comment.