Nibbles


Comments

  • Got the login, got a decent working shell and enumerated enough to know exactly what I have to do. But somehow it won't work. Can I shoot someone a PM?

  • I've not been blocked because I guessed the password and login. Try the very usual login/pwd that you could find in a WAF webpage admin and so on. It's hard not to give you the solution ;)

    Drx51l

  • So I got the user.txt and am trying to priv esc. Somehow reverse shell cheatsheets don't seem to work. I always get the shell with user and not root. I am editing a certain file for reverse shell and cannot seem to get root. Any help appreciated.

    FloptimusCrime

  • Maybe you can edit the file to show you some other files instead of reverse shell?

  • Has anyone been able to crack what's in user.txt? Tried john and hashcat but can't seem to get it.

  • you don't have to crack it @meni0n

  • I'm having trouble finding user.txt. I have admin credentials. Is there something I'm missing that's painfully obvious? I have a good idea how to gain root but as far as user I don't know.

  • I got a reverse shell as www but after enumerating and trying a bunch of exploits and even metasploit I still can't elevate. I feel like I am missing something.

  • Spoiler Removed

  • @Elephant7oast said:
    I am having trouble getting root, I have enumerated as much as possible but I am not seeing anything "unusual". I must be blind, any tips on how to elevate to root would be very much appreciated.

    Have a look around the file system for some interesting files! ;)

  • @meni0n said:
    I got a reverse shell as www but after enumerating and trying a bunch of exploits and even metasploit I still can't elevate. I feel like I am missing something.

    You don't always need to use metasploit or an exploit to priv esc! Sometimes you are given the resources to priv esc, but you just have to find them.

  • Login creds that I used to get user flag are now not working when I try to connect again to get root. Anyone else having this issue?

  • nevermind I figured out how to fix it

  • Can anyone give me a nudge in the right direction? I have got the default credentials and have logged in. I'm not exactly sure where to go. I've tried a few things that didn't yield any results. Any hints would be greatly appreciated!

  • Can anyone give a hint regarding the final step? I've found the correct script I assume but /root/root.txt: Permission denied

  • Guys, after 1 hour I was able to guess the credentials, but it's very frustrating. I don't believe I would have guessed the credentials without your hints. Is there any indication on the box itself that may have led me to believe these were the creds?

  • Hi! I'm trying to do something on a file to get root.txt, I can't really be more specific because I'd probably spoil it, but I am getting errors which I'm not sure I should be getting. Can I message someone to ask please?

  • having issues guessing the pw :-(

  • I'm stuck on low shell and can see what the user can run in terms of a script with a need for a password, but can't for the life of me figure out how to edit it. Any ideas or nudges?

  • nvm, got root :), just took some thinking and tinkering

  • @CyDefUnicorn said:
    I'm stuck on low shell and can see what the user can run in terms of a script with a need for a password, but can't for the life of me figure out how to edit it. Any ideas or nudges?

    Does it need a password?

    For those that are still struggling with the login (as I was), suss out what user a standard install would have.

  • Haha FFS, I swear I tried that combination.. It is really easy, you believe you've already tried it, just try it again

  • edited March 2018

    @Gear01 said:

    @CyDefUnicorn said:
    I'm stuck on low shell and can see what the user can run in terms of a script with a need for a password, but can't for the life of me figure out how to edit it. Any ideas or nudges?

    Does it need a password?

    For those that are still struggling with the login (as I was), suss out what user a standard install would have.

    Nope, no password actually when you're in a low priv shell. Just gotta look at what's already available for you in terms of access and tools, and also files that are already there. Unless you're referring to trying to get into the web app... If that's the case... think VERY simple in terms of password. Actually, the answer is on HTB already.

  • I guessed the correct password fairly quickly but I suspect someone changed it, so if you think you have it you might have to reset the box because trolls.

  • I managed to guess the credentials for the blog but still I can neither get a reverse shell nor ssh with them. I have no idea what to do next, please help.

  • I know the exploit, I have not been able to even see or to get to a 'log in' page after multiple tries of setting the username and password as different things for Metasploit. (delete if spoiler) Please, any hints?

  • never mind, got the login page, just not sure where to go from here

  • fuck can't get the root.txt :(


  • No matter which shell I try, I keep getting "This exploit may require manual cleanup of 'image.php' on the target". Am I missing something here?

  • I found what I need to find to get root.txt... clearly should be able to use it to elevate. However, when trying to utilize what I found with the proper permissions, I'm seeing this:

    ": unable to resolve host Nibbles: Connection timed out
    : no tty present and no askpass program specified"

    Any ideas here? Nothing I've been able to do, reading up on ttys, has been able to get this to work.
