• hi I found it's good until now?

  • edited June 2018

    Spoiler Removed - Arrexel

  • so i tried to get LinEnum on the host via wget, curl, and scp from my host but none of them work. Can someone point me in the right direction as to how to get the shell script on the host> @Demosz said:

    I've got the user flag and I can't for the life of me figure out how to get root. I've run and I know about what's weird but I don't know how to use that information because of the 'tty not detected' error when I try to sudo. Can I PM someone for some advice?

    How did you get the to run? I'm having issues PM me?

  • edited June 2018

    Spoiler Removed - Arrexel

  • @darthgucci I searched but I did not find anything suspicious, where exactly

  • @T3jv1l said:
    @darthgucci I searched but I did not find anything suspicious, where exactly

    I can't tell you where, since that would give you the answer. Under /admin/ there are directories and files. Search through them and you'll find the username

  • I am starting to loose the will to live with this one. I have the user.txt but not the root.txt. I am unable to re-create my shell. I get an errors regarding a cleanup of image.php - I also have to contend with the machine being reset every 20 minutes. Its doing my head in.

    So has anyone else been able to get a shell before and unable to recreate the exploit?

  • i found the password

  • and username

  • can someone who rooted machine dm me! need some help!

  • PM me for advice. I got root this morning despite the "tty shell needed" error and I know how you're fucking up. I'll give you a proper hint no spoilers but it's an easy fix.

  • Ah okay guys it seems I'm going to admit defeat and ask someone to help me with the root flag! Spent 2 weeks on this got my shell up and running, ran and got all the info I can gather. Tried multiple exploits, tried changing the file and spent countless hours on su and sudo!

    Anyone care to PM me with some help...even the answer as I have truly learnt so much on what NOT to do

    Thanks guys

  • i am login in admin ,wich is next step ,i need help pliz ,i am new

  • Anyone...? pointer in the right direction please...doing my nutter in here

  • I need help pliz with shell php :(

  • Still stuck on trying to get root, this is my first HTB. Any help would be appreciated to get root!! PM me!

  • Masterrabbit - there are a lot of hints and nudges in the right direction in this thread.

    It's all about enumeration at this point. Once you find it, you will wonder how you didn't notice it sooner.
  • i found the exploit but it's not working to set targeturi ?

  • Set targeturi the same way you set other variables in metasploit.

    If unsure what it should be think about what a uri is
  • edited June 2018

    Spoiler Removed - Arrexel

  • Is that the full uri?
  • @AgentTiro i dont know

  • edited June 2018

    Spoiler Removed - Arrexel

  • edited June 2018

    Spoiler Removed - Arrexel

  • edited May 2018

    @darthgucci i got it ty :)

  • Guys, plz give me a right vector. I'm trying to exploit this thing with xss and create post to gain acces to admin panel. Am i on a right way?

  • I am on the box with what I believe to be a TTY shell. I keep getting errors trying to interact with the local file I SHOULD be able to sudo without a password. Any nudges?

    Hack The Box

  • I am also getting the "manual cleanup of 'image.php' on the target" issue and I am wondering if it might not be caused by too many of us going after the same machine at the same time, resulting in corrupted/conflicting image.php files? If anyone has any suggestions on this I'm all ears/eyes.

  • Figured out the issue, I don't believe it had anything to do with too many users.

Sign In to comment.