NIbbles

191012141519

Comments

  • I am not able to figure it out what is the initial user and password. :(

    andremilke

  • Happy to report I have finally at long last finished this one! I suppose the challenge is relatively easy - for anyone struggling always try remember to take a step back. Relook at how you are entering your commands, the devil unfortunately is most definitely in the detail here!!

    Cheers guys!

  • @Cheetahroam said:
    I am also getting the "manual cleanup of 'image.php' on the target" issue and I am wondering if it might not be caused by too many of us going after the same machine at the same time, resulting in corrupted/conflicting image.php files? If anyone has any suggestions on this I'm all ears/eyes.

    nope, try using different payloads in metasploit. One works every time, the others are flaky. You just have to try them all

  • edited May 2018

    @J3rryBl4nks said:
    I am on the box with what I believe to be a TTY shell. I keep getting errors trying to interact with the local file I SHOULD be able to sudo without a password. Any nudges?

    Removed by request - Arrexel

  • @J3rryBl4nks this is a spoiler not hint :)

  • @darthgucci said:

    @Cheetahroam said:
    I am also getting the "manual cleanup of 'image.php' on the target" issue and I am wondering if it might not be caused by too many of us going after the same machine at the same time, resulting in corrupted/conflicting image.php files? If anyone has any suggestions on this I'm all ears/eyes.

    nope, try using different payloads in metasploit. One works every time, the others are flaky. You just have to try them all

    Yep, figured it out just moments after I posted. Which serves as a good reminder to take a breath and think before acting I suppose. Thanks for taking the time to respond though, it is appreciated.

  • Can anyone PM me about interacting with the file on Nibbles?

    Hack The Box

  • @andremilke said:
    I am not able to figure it out what is the initial user and password. :(

    The user is easy to obtain - look through every file on web
    The password you have to guess - don't overthink it (it's OBVIOUS)

  • @darthgucci said:

    @J3rryBl4nks said:
    I am on the box with what I believe to be a TTY shell. I keep getting errors trying to interact with the local file I SHOULD be able to sudo without a password. Any nudges?

    In order to sudo you have to take advantage of the permissions given to the file. I would google for exploiting sudo via file permissions and read up on it. That's how I was able to get it

    I finally got it. This is a great hint bordering on spoiler. Even knowing this though is not the solution. I had to still do a good bit of trial and error and finally realized what was happening. This is an easy box in hindsight but overlooking very tiny details made it difficult to solve for me.

  • @buckyball said:

    @darthgucci said:

    @J3rryBl4nks said:
    I am on the box with what I believe to be a TTY shell. I keep getting errors trying to interact with the local file I SHOULD be able to sudo without a password. Any nudges?

    In order to sudo you have to take advantage of the permissions given to the file. I would google for exploiting sudo via file permissions and read up on it. That's how I was able to get it

    I finally got it. This is a great hint bordering on spoiler. Even knowing this though is not the solution. I had to still do a good bit of trial and error and finally realized what was happening. This is an easy box in hindsight but overlooking very tiny details made it difficult to solve for me.

    Yeah! even after reading you still have to make sure you have the right information and make sense out of what is happening. Awesome job!

  • > @LetMeO said:
    > Guys, plz give me a right vector. I'm trying to exploit this thing with xss and create post to gain acces to admin panel. Am i on a right way?

    So, any hints? Or i should just figure out what the password and login is.
  • My first HTB box and seems tough enough at this moment. If the user login is the world "default" username, what is the "default" HTB?

    v1ew-s0urce.flv
  • @darthgucci said:

    @J3rryBl4nks said:
    I am on the box with what I believe to be a TTY shell. I keep getting errors trying to interact with the local file I SHOULD be able to sudo without a password. Any nudges?

    In order to sudo you have to take advantage of the permissions given to the file. I would google for exploiting sudo via file permissions and read up on it. That's how I was able to get it

    This is really on the border of spoiler.

    CISSP
    Hack The Box
    ++Repect If you think I help =]

  • @4an7o said:

    @darthgucci said:

    @J3rryBl4nks said:
    I am on the box with what I believe to be a TTY shell. I keep getting errors trying to interact with the local file I SHOULD be able to sudo without a password. Any nudges?

    In order to sudo you have to take advantage of the permissions given to the file. I would google for exploiting sudo via file permissions and read up on it. That's how I was able to get it

    This is really on the border of spoiler.

    There I reported it as a spoiler myself.

  • For whatever reasons I can't get root. I know I have to use the xxxx.sh file but every time when I try to use it, it says that I need a tty shell. Well I tried that but this also doesn't work for me either. When i try to get a better shell it either says "no job control running" or doesn't do anything at all. Can somebody help me via PM?
    If this is a spoiler I will delete it of course.

  • I have found username but password not found. i have read all source code but nothing found. Can anyone give me hint how to find ?

  • You can't find the password. You have to guess it, but it is pretty obvious. Check the pages, it has been mentioned several times.

  • @darthgucci said:

    @4an7o said:

    @darthgucci said:

    @J3rryBl4nks said:
    I am on the box with what I believe to be a TTY shell. I keep getting errors trying to interact with the local file I SHOULD be able to sudo without a password. Any nudges?

    In order to sudo you have to take advantage of the permissions given to the file. I would google for exploiting sudo via file permissions and read up on it. That's how I was able to get it

    This is really on the border of spoiler.

    There I reported it as a spoiler myself.

    I think it is good to keep it there.
    I am new to HTB/pentest hence I am easily overthinking the method. It is a good comment to inspire me to review my process and learn how to get it done.

    CISSP
    Hack The Box
    ++Repect If you think I help =]

  • edited May 2018

    I will also say that it helps to really understand what you see in the enumeration. I looked at it multiple times and knew what I had to do but could not see the clear solution until stepping back and rethinking basic stuff. The trick for me was not to overthink it. Also, simple syntax errors cost me a couple of extra hours.

  • @w4r10ck2 said:
    For whatever reasons I can't get root. I know I have to use the xxxx.sh file but every time when I try to use it, it says that I need a tty shell. Well I tried that but this also doesn't work for me either. When i try to get a better shell it either says "no job control running" or doesn't do anything at all. Can somebody help me via PM?
    If this is a spoiler I will delete it of course.

    In order to interact and get root you need a TTY shell. Pretty simple to accomplish once you understand how to get out of a jailed cell. Google is your friend. If you're using metasploit understanding how to use it to establish TTY will help greatly.

  • Hello there,

    I begin HTB with this machine.

    I have been looking for the default credential for almost a day. Used CeWL and tried all the password listed, tried all the basic passwords a lazy admin can use and still nothing.
    I'll be honest and admit I feel very very bad about not guessing this password. As it is not the most interesting part of this challenge, can someone hit me in private to assure me I have the right username (found on a file, so I guess yes), and the passwords I tried are not these one?

    Thanks in advance fellows.

  • Found it. Thanks dear player who helped me via message.

  • Anyone able to DM a hint for the tty issue? Tried most standard ways to break. Shell is through meterpreter with known exploit for the web service and I know what I need to run (at least I think so).

  • lol a linux admin with over 8 years in the industry here trying to get into infosec. Embarrassing that I can't figure out a default password. Can somebody help?

  • @npsoni use cewl. don't think default, think bad practise

  • I'm really struggling with getting root.. It's a bit discouraging :anguished: I've been reading up on multiple articles involving methods to "abuse" the file in question but I just can't seem to do it. Could someone perhaps shoot me a PM and help me out a little bit?

    Vex20k

  • If somebody needs a some help without expecting for spoilers, feel free to DM me.

  • I'm a muppet. Got root.

  • logedIn. enumerated directories. but cant find user.txt. any Hint ?

  • @GhostCat said:

    logedIn. enumerated directories. but cant find user.txt. any Hint ?

    What can you find?

Sign In to comment.