Traceback

Thought id start the forum post
put hints and questions below ill update once I root it

0xHeaped

«13456730

Comments

  • 3 Hours left!

    Feel free to PM me, but please ask good questions: https://www.shorturl.at/fmAX6

  • edited March 14

    --deleted--

  • First blood? I haven't completed scans yet :neutral:

  • edited March 14

    Well that seems to be an easy one. First Blood after 15 min. Gz @sampriti

  • Cool box, with an interesting component I've not seen in a box before. The rest was pretty standard and easy, fun nevertheless.

    clubby789

    • GCIH | GCIA
      If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments, or on box release night). And remember to +respect me if I helped you ; )
  • initial step pls

  • edited March 14

    I'm ssh'd as a user, but not seeing a flag in the home directory. Is there meant to be one in the normal place?

    EDIT: Nevermind, had to jump to next user.

  • SSH bruteforce is involved?

  • Type your comment> @ZuS said:

    initial step pls

  • @sakas4 > @sakas4 said:

    SSH bruteforce is involved?

    Not sure if troll, but for others that see. Brute force has almost never been the answer on any of the newer boxes.... That being said it could always be a thing on this or any box, but should be a last ditch effort these days...

    OSCP
  • is Failed to d*** a part of the game or just a collateral damage? :)

  • Ran lot of wordlists to fuzz the website. Did not find a single file. Must be something stupid...
    Some hints for initial foothold ?

  • Type your comment> @Crafty said:

    Ran lot of wordlists to fuzz the website. Did not find a single file. Must be something stupid...
    Some hints for initial foothold ?

    Trying reading whats not immediately obvious on the web page

  • Type your comment> @Crafty said:

    Ran lot of wordlists to fuzz the website. Did not find a single file. Must be something stupid...
    Some hints for initial foothold ?

    Maybe you have to read better what you already have;)

  • Super easy and fast machine.
    Worst part: people not understanding and lagging it a lot with tons of bruteforce in both open ports. Also some guy had the idea of changing some relevant binary, dont know if he found it to be funny or what.

    Hack The Box

  • Type your comment> @chinonino said:

    Type your comment> @Crafty said:

    Ran lot of wordlists to fuzz the website. Did not find a single file. Must be something stupid...
    Some hints for initial foothold ?

    Maybe you have to read better what you already have;)

    there's only so many ways to view that page....someone saying read what you already have isn't really ..well, anything. No clue what this stupid thing is that Im obviously missing...

  • edited March 14

    It is a "guess the directory/page box" ? Because no common wordlists find anything.

    EDIT : Found it, hint : osint.

  • tip initial shell: search the private parts of the creator :disappointed:

  • Type your comment> @Crafty said:

    It is a "guess the directory/page box" ? Because no common wordlists find anything.

    May be you have to "extend" your search a bit.

    image

  • Hello guys, alredy did TCP/UDP scan, and dir/files bruteforcing with dirb,dirbuster,gobuster... I didn't find nothing intrasting, a part a straing html comment on the web page source code. I need a little help, If someone can give me the right way I'll really appreciece that!
  • Spoiler Removed

  • Rooted.
    PM for nudges.

    Hack The Box

  • edited March 14

    Spoiler Removed

  • Wow that was easy :) But not in a bad way. Especially after the flood or hard/insane boxes recently this was a refreshing fun box! I also liked the techniques demonstrated. Thank you @Xh4H!

    Please don't message me for this one, if you're stuck just make sure to read everything and read up on the basics again. Now back to Multimaster...

  • For initial foothold, read what's in front of you, google and you will be on your way.

  • dlopen /root/.ssh/id_rsa failed: /root/.ssh/id_rsa: invalid ELF header

    Any idea why i got this error?

  • Type your comment> @zac777 said:

    For initial foothold, read what's in front of you, google and you will be on your way.

    For the whole box, read what's in front of you, do a cat *

    badge

  • dont get it why people have so much fun with root access to delete some initial files. Get a life

    Hack The Box

  • edited March 14
    Rooted

    Fun box!

    User hint: You got everything you need in front of you, in all the parts of the entire process to user.txt

    Root hint: Look at the process to understand what is going on.

    Hack The Box

Sign In to comment.