Traceback

1235730

Comments

  • got root.

    summary of everything that have already been said before:

    Foothold: read the page, find some interesting things & google this "interesting thing". Once you think you find it, be patient and test everything you found.

    User : I suggest you get a proper shell, then everything is in front of you in plain sight. A command that you should always be running will get you to user's flag.

    Root: There was a box with a very similar flaw couple of months ago. Use pspy to get the root's flag (or shell or anything, really). Read carefully the output and focus on permissions.

    Ping me if you are stuck. However do not ping me without a description of what you have done already. The initial foothold might take you a while, but once you think about what is author telling you, you'll get in easily.

    Good luck

    If my comment somehow helped you, you can show your appreciation with a Respect :)
    https://www.hackthebox.eu/home/users/profile/117977

  • Hi
    I have found the hint for OSINT on the website and found the "directory" W *** S ***** in my google search.
    But I don't know what to do next.
    I don't know what W ** S **** I should use and how I should use it
    Any hint guys?
    thx :c

  • rooted

    very straight forward the whole way and really fun. Lots of great hints in the forum as well.
    Learned something new with root and thought it was pretty sweet. Definitely did remind me of a previous box which helped a bit.

    Hack The Box

  • I will never finish this box....

    Reset after reset

  • Spoiler Removed

    |OSCP|

  • Type your comment> @DrayAgha said:

    I'm stuck as webadmin. I keep trying to run L*a reverse shells through the path from sudo -l, but I'm getting nowhere. Can anyone offer advice?

    Same here. I try to import a ssh key but i have errors running the .lua file.

  • edited March 2020

    @sakas4 said:
    Type your comment> @DrayAgha said:

    I'm stuck as webadmin. I keep trying to run L*a reverse shells through the path from sudo -l, but I'm getting nowhere. Can anyone offer advice?

    Same here. I try to import a ssh key but i have errors running the .lua file.

    Same:(

  • @DrayAgha @sakas4
    On the right path, sudo --help is all you need to get there.
    Thank you @Ursa

  • Type your comment> @Big7asty said:

    @DrayAgha @sakas4
    On the right path, sudo --help is all you need to get there.
    Thank you @Ursa

    I rly tried everything.

    It doesnt work.

  • edited March 2020

    Type your comment> @sakas4 said:

    Type your comment> @Big7asty said:

    @DrayAgha @sakas4
    On the right path, sudo --help is all you need to get there.
    Thank you @Ursa

    I rly tried everything.

    It doesnt work.

    No really, there is a sudo arg that will get you there. If you havent tried running sudo with arguments, you havent tried everything.

  • very funny box, foothold is a simple custom list, user is in front of you and root is simple but I've waste two hours for reset.
  • What a stretch with all those resets :D
    Other than that, really liked that box. Thank you @Xh4H for the nice box. Really loved it for being straight forward to solve.


    Hack The Box
    GREM | OSCE | GASF | eJPT

    Feel free to PM me your questions, but please explain what you tried, so far.

    Currently busy with AWAE

  • Guys, i'm stuck on the root privileges escalation. I looked at what is going on on the system and I've found that there is a special directory with some files with good permissions. Any hint?

  • Rooted! Very nice and particular box :)
    Hints in DM!

  • Root was a pretty elegant play. It took me a minute to understand what to do with it, but it is an AWESOME technique. Just because someone owns something doesn't mean they own the intellectual property to it. :wink:

  • I have no clue how osint works. A little help would be appreciated

  • edited March 2020

    got the user but still stuck on the root have no idea what i m looking for here any hints please !!!!!

  • Type your comment> @GoldDomar said:

    got the user but still stuck on the root have no idea what i m looking for here any hints please !!!!!

  • edited March 2020

    getting the root is harder than what i was expecting from reading comments

  • Type your comment> @s1lv3rst4r said:

    I am doing osint but no progress what to search

    Look at the html comments

  • edited March 2020

    Can someone please PM me and give me a tip on root? I can see the u****-mo**.d and permissions are user r*** group s******n, but I'm really not sure how to escalate. Tried to modify some files but can't trigger them. Monitored the output for pspy but wasn't helping all that much. I can see a couple of cp commands running every 30 seconds but not sure how that's useful.

    edit: Rooted. Too many people messing around on this thing. My best advice is to wait a while for traffic to slow down on this box, give it a couple weeks maybe...

    If not, don't make the same mistake I did. If you know what you're doing is correct, keep trying and you may get different results ( Einstein's exact definition of insanity ). PM for help.

  • Nice OSINT touch, thanks @Xh4H for the box! Plenty of hints on the forum already, but PM me if you need specific hints.

    peterdjalaliev

  • Rooted. Nice easy box. PM for help 🤓

    Hack The Box

  • Finally rooted! Fun box for nubs and learned a thing or two. I will say there has been a lot of resetting of the box unnecessarily. I reset it once myself but only because someone overwrote the needed binary with their reverse shell (LOL). Other than that the box was pretty stable.

    Initial: Don't reset the box over and over when you cant figure it out, start paying attention to hints given in front of you, then go from there. Basic OSINT is your friend.

    User: Learned a little about a new language, make sure to, once again, read whats in front of you to get user.

    Root: I overthought this one way too much. My suggestion is to make sure you understand basic operations in the Linux OS. Then it will click (at least it did for me).

    5p3c702

  • can some give little nudge on how to use that w** *****s?

  • Type your comment> @awarkozak said:

    can someone please PM me and give me a tip on root? I can see the u****-mo**.d and permissions are user r*** group s******n, but I really have no clue how to escalate. Monitored the output for pspy but wasn't helping all that much. I can see a couple of cp commands running every 30 seconds but not sure how that's useful

    i'm stuck at the same place, hints?

  • edited March 2020
    Rooted!. Nice box with new interesting things.
    For User->Google around for that you got.After you got into system back to old day!.
    For Root->If you are attacker what will you do to notice you hacked their whole system?
  • Great box, rooted in about an hour.
    Come hang out ^_^
    https://discordapp.com/invite/h22KRvU

    Thanks @Xh4H

    Treelovah

  • Rooted! I appreciate that an easy machine is really an easy machine. Fun box @Xh4H

  • And done. PM if someone gets stuck :)

    menessim

Sign In to comment.