Magic

1131416181921

Comments

  • huh, the first part was hard, but also it was a great machine, I learned a few things, also thanks for the great hint @choupit0 and thanks @TRX for this box. :)

    alt text

  • Thanks @TRX for the exciting box. Definitely made me feel dumb at some points, but in the end it was a lot of fun.

    Thanks to @helichopper @akshanshshri for the hints

    PM me if you need a hint!

  • Hi All,

    Could somebody please give me some help in getting the user account. I've been stuck in the w******a shell for days, I think I see how to get from the user to root but for the life of me I can't see how we're supposed to get to the user :(

    Thank you.

  • edited May 11

    Type your comment> @lightfu said:

    Hi All,

    Could somebody please give me some help in getting the user account. I've been stuck in the w******a shell for days, I think I see how to get from the user to root but for the life of me I can't see how we're supposed to get to the user :(

    Thank you.

    I've sent you a message with some tips :)

  • Type your comment> @sqw3Egl said:
    > Type your comment> @lightfu said:
    >
    > (Quote)
    > I've sent you a message with some tips :)

    Thank you, and @Gfowler, so much!! Got the user now, onto root....
  • edited May 12

    Argg
    i do not know the stuff for root, spends hours seeking all process.
    But what a fun box, i learn lots of things, even for the Rabbit holes
    PM for nudge are welcome

    Hack The Box

  • edited May 13

    im stuck at root

    found the S.Bin

    string it

    but its a bit confuse.

    can anybody pm me ? thx

    edit: rooted !
    thx for the nudge @cY83rR0H1t

  • Given all your comments, I must be doing something really stupid or not seeing the obvious, as I am struggling to get a foothold. I have tried 'bypassing ' using Burp Suite and use of the 'curl' command but without any joy. As a nube, please can someone DM me and shed some light on what I should be doing? Thanks

  • edited May 13

    I think I have the way but I am missing something critical. I can reach the desired foothold page via curl and burp repeater but am unable to interact any other way. Any nudge to get me past this bump will be greatly appreciated.

    Edit - Got it. Just had to ask the question.

  • edited May 13

    get user.txt.

    found SU*D file S*****o (may be intersting)
    use pspy64,but can't found anything.
    Need some Tips,Please PM me,thanks.


    get root.txt !!!hahaha

  • edited May 14

    Spoiler Removed

  • Nice box, I was amazed on the first foothold, so simple I nearly didn't take into consideration to try it...For the Root part I really wasted some time because I forgot to export path xD

    TBH some of the tips in this forum are so cryptic it feels like trying to understand klingon.
    Here's a few of mine, maybe it helps...

    Initial foothold: it's a login form, think basics, don't over complicate it
    User: It's pretty straight forward, it's not the first and neither the last machine vulnerable to this... even a monkey could pentest it :) just don't forget to sign your magic.
    Root: Honestly this is a bit harder and not all the information you find online is gonna help you that much... To begin just search for what binaries a user can execute then start digging into them and see which can be exploited and how. #suid

    Hack The Box

    it ain't much but it's honest work

  • can some1 pm me for user please?

  • stuck in Root, tried LinEnum, linpeas but didn't get anything, a hint please.

  • @falcon01 said:

    stuck in Root, tried LinEnum, linpeas but didn't get anything, a hint please.

    Manual enumeration might be a lot more effective. I think the tools will have found what you need, but it is hard to spot in their output.

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • Type your comment> @Ric0 said:

    Hi, is anybody there to sanitize my payload, please? Stuck for some unknown reason ;) If so PM or discord Ric0#7152

    @Ric0 Did you have any luck with your payload? I can't get mine to upload.

  • edited May 15

    wrong post

  • Type your comment> @TazWake said:

    @falcon01 said:

    stuck in Root, tried LinEnum, linpeas but didn't get anything, a hint please.

    Manual enumeration might be a lot more effective. I think the tools will have found what you need, but it is hard to spot in their output.

    can you PM for a nudge please ?

  • Fun system User was quickly done
    up to root but that have to wait till tomorrow

  • edited May 16

    I agree this could have been a box in the PWK lab (OSCP). Take careful notes on this one because you will encounter the specific techniques as well as the general approach again, guaranteed. Also note the tools you used, and references.

    Also, if you know how to use ssh, then getting back in and staying in is trivial after you get user. This is commonly the case on boxes I've seen, also in the OSCP lab.

    LegendarySpork

    LegendarySpork

  • Must machine for anyone trying to get better at Linux Priv Esc and Web exploitation. Amazing machine. PM if you need help.

    Hack The Box

  • I was two hours in this boxes for first user haha. First step is basic enum only! Good luck!

  • edited May 18

    reverse shell not working after upload can anyone give a nudge

    Finally got user

  • Can someone help with initial step? Don't know how to get www-data

  • Rooted! Thanks for the box, learned something in the process of hacking

  • Type your comment> @mrshershulya said:

    Can someone help with initial step? Don't know how to get www-data

    dm

  • Stuck on root. found s******, looked at what it's doing, failed to exploit. I've done something similar in the past, but none of the tricks i learned or searched are working. Could use a nudge. Thanks

    Arrexel

  • I was able to read the root flag with cat in my impostor file, but trying to set up /bin/bash would result in a root shell echoing back my commands to me:

    [email protected]:/root# whoami
    whoami

    Anyone could explain?

  • edited May 20

    hey, i need some help, i have the second password for the user but i'm not able to authenticate as the user (su or ssh), should i be able to?

  • Type your comment> @ines said:

    hey, i need some help, i have the second password for the user but i'm not able to authenticate as the user (su or ssh), should i be able to?

    su will work after upgrading your shell.

Sign In to comment.