Bashed

124»

Comments

  • Look for something that doesn't belong on a generic linux distro. Basic forensic techniques can help find it fairly quickly (no need to image the drive or anything like that)

    Arrexel

  • edited April 2018

    Spoiler Removed - Arrexel

  • So this is my first attempt to priv esc. Need some help though to understand if i am on the right path as i feel am i going in the dark. Have created reverse shell and used LinEnum to enumerate. Seen a couple of things that may help.
    If anyone that has solved it successfully is kind to PM so i can ensure that i am on the right path, i would be grateful.

  • @w31rd0 said:
    So this is my first attempt to priv esc. Need some help though to understand if i am on the right path as i feel am i going in the dark. Have created reverse shell and used LinEnum to enumerate. Seen a couple of things that may help.
    If anyone that has solved it successfully is kind to PM so i can ensure that i am on the right path, i would be grateful.

    Feel free to send me what you're thinking, @w31rd0

  • Have reverse shell. Ran enumeration. There are some fishy results, but can't seem to figure out how to exploit. Looking for a hint. PM please.

  • PM me if you want a hint :)

  • @ngup said:
    Spoiler Removed - Arrexel

    sorry i did not mean to reveal anything

  • edited April 2018

    Spoiler Removed - Arrexel

  • @minhhungvn said:
    Spoiler Removed - Arrexel

    The github repo is unrelated to the machine, although it does explain how to use it once you find it

    Arrexel

  • Hi. Brand new in HTB :) and for two days handlling with bashed. Very straightforward to get user.txt /... after that: I got the reverse shell (interactive shell) I did su to an other user ... found a script.... and after that, I'm getting completely crazy trying to finde the way to gain root. I'm not asking for help... yet ... just thinking loudly (and sharing with you). On Sunday Bashed will be removed and I have to hurry up, but I'm very stuck right now. Greetings to all!

  • Finally I got the root.txt flag, without being root, playing with the scripts we all know. I don't know exactly why it works getting the flag from there. I some could explain me via PM I would be very gratefull, since my real flag y to learn

  • Yes!! now I'm root !!!! .... Sometimes the solution is more like a puzzle than a technical matter :-) (lateral thinking)
    but actually I still don't understand WHY could I retrieve the flag without being root, as I shared in my previous post

  • I've understood why before gaining root I was able to obtain root.txt .... the reason is directly related with the way I gained root access later, but wasn't aware of that at that moment. Now everything is clear :)

  • well im new to this whole hacking thing and im having trouble getting a foothold in poison. This is the first box im trying and ive gotten the encoded password, but I cant figure out where to go from here. Feel free to PM me as I know the answer will be "enumerate more", but I can't figure out how. Could someone please at least point me in the right direction?

  • edited April 2018

    on it as well

  • edited April 2018

    I don't know if what I'm gonna say could be consider spoiler or just a hint,,, but... since bashed is gonna be disabled soon, let me say you the following
    The difficulty here is more a matter of close view than techical (of course one must to have some basic skills) . So the hint is: "Try to figure out why some strange things could be happening" :-D Enjoy!

  • once you enumerate and discover the way the flag you want is -u :) some googling back when I did this box had me stumble upon that option with the command and all was well.

  • Many thanks Kinjo!!! Was blind but now I see....!!!!

  • Hi everybody, I would like a little push on PM. I think I am quite close, but since I am new to the privilege esc I am stuck. Would be nice to tell someone what I have done till now and how to proceed.
    Cheers!

  • An other hint: "Review concepts like ownership and permissions"

  • Now that it is retired I can't wait to read the write-up.
    Got the user.txt but I couldn't get the root.txt.
    It was my first machine, though!

  • edited April 2018

    @HASLima said:
    Now that it is retired I can't wait to read the write-up.
    Got the user.txt but I couldn't get the root.txt.
    It was my first machine, though!

    also you can see the ippsec video on youtube

  • the machine was retired and my points too, why? is it normal?

  • @K43P said:
    the machine was retired and my points too, why? is it normal?

    yeah, when machine retires, points retire to

  • @w31rd0 said:

    @K43P said:
    the machine was retired and my points too, why? is it normal?

    yeah, when machine retires, points retire to

    OHHH WTF!!!

  • Hey guys.. i got an idea which file i need to modify.. but i am not understanding what should i do with that ...i tried a lot of things from last 3 days but not able to get root

  • Hi. If any one can help me, in pretty sure I know how to get root but something is up with my python. If you are decent in python and have rooted this machine can you send me a message? Thanks!
  • @BanalFutility said:

    Hi. If any one can help me, in pretty sure I know how to get root but something is up with my python. If you are decent in python and have rooted this machine can you send me a message? Thanks!

    There are an awful lot of write ups for this box - including an official one and an ippsec video tutorial. You could skim through one until you get to where you are stuck.

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • edited June 30
    @TazWake, Yeah I read the write up it doesn’t help with my question on python but it confirmed I was correct in how to get root. Stil, my questions in python remain so if any one can help and has root on this machine dm me. I don’t want to post more details as I don’t want to spoil for any one who may attempt this box.
Sign In to comment.