Official Time Discussion

12467

Comments

  • @grav3m1ndbyte said:

    I got user at this point, and I think I found what I need to know for root, but based on what I found and how it can be used, it got me all confused...can someone help and put me in the right track?

    Difficult to not spoil, but if it is writable, write to it.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • Type your comment> @TazWake said:

    Difficult to not spoil, but if it is writable, write to it.

    I had to PM you, but I'm sure we are talking about the same thing.

    Hack The Box
    CISSP | eJPT

  • Just to think I wasn't that far off from it (SMH)! Definitely was a fun box!

    BTW, @TazWake thanks for the nudge!

    Hack The Box
    CISSP | eJPT

  • Can someone PM me about the foothold and the user?

  • Hi everyone, ive been looking for a CVE but there so many that i cant tell what to use. Any help? please

  • Type your comment> @MariaB said:

    @swiru95 i will

    Hi @MariaB, can i get some hints too? Thanks in advance.

  • @marsupial33 said:

    Hi everyone, ive been looking for a CVE but there so many that i cant tell what to use. Any help? please

    If you look at the response to various submissions, there is a string which helps narrow down the search.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • @marsupial33 said:

    Hi everyone, ive been looking for a CVE but there so many that i cant tell what to use. Any help? please

    I had the same problem initially but if you look at how they have patched these types of vulnerabilities you can use that knowledge to find the correct one by automation. It really makes the needle stand out from the haystack.

  • Some people said this box is easy but honestly, when you never had to exploit that kind of vulnerability, it's kind of a nightmare. I spent hours and hours reading articles and watching videos, trying to get my head around it, plus... Java... and in the end that was a little push from @TazWake that helped me enough to get a shell. But, yeah, if you struggle, that's okay, lots of new things here and you might catch a lot of fishes before grabbing the good one. Good box overall, and root part was just a matter of paying attention.
    I also don't know why people said to look at the newest CVE, it seems very misleading, unless there are several ways to do it, in case I'd be happy if someone could give me a link with explanations :)
    Thanks @egotisticalSW & @felamos !

  • Can someone PM for the hint?

    laet4x

  • Type your comment> @laet4x said:

    Can someone PM for the hint?

    Im done.

    laet4x

  • Is there any CVE for the J*** b********r on port 80? I'm unable to get any foothold, a nudge

  • @alalno said:

    Is there any CVE for the J*** b********r on port 80? I'm unable to get any foothold, a nudge

    There is but it might need some slight tweaking from the syntax on the github page.

    I'd suggest trying stuff and googling the responses.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • Rooted!
    I highly recommend this box for beginners, especially the privilege escalation part.
    User: Google-fu
    ROOT: that's easy, you got this.
    PM me for a nudge. But first tell me what you've tried.

  • I went down the rabbit hole. Spent two whole days researching articles on a specific type of vulnerability as this is my first exposure to it. I reset this morning and took a step back. I get certain errors but don't know what to do with them, the google-fu that everyone expects is subjective and it leads me back to the same articles I was researching for two days. No bueno.

    GRID, GPEN

  • @weeeeeeeeee said:

    I went down the rabbit hole. Spent two whole days researching articles on a specific type of vulnerability as this is my first exposure to it. I reset this morning and took a step back. I get certain errors but don't know what to do with them, the google-fu that everyone expects is subjective and it leads me back to the same articles I was researching for two days. No bueno.

    There is a lot of trial and error. Once you get the error messages, you can google them, and (I assume luck plays a huge part here) this might point at the right thing.

    It's difficult to go beyond this without a spoiler though as I don't know what else to say, other than "use XXXX". I found the best resource was named $Technology R** and S**F.

    It did need a tiny bit of tweaking IIRC.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • Fun Box!
    User: google-fu
    Root: standard enum scripts highlight it, its pretty easy and has been seen on many boxes before

  • edited November 2020

    Hey Everyone,
    I need a bit of help on the initial foothold. I'm confident that I have the correct CVE and exploit. I can confirm the get request is reaching me and retrieving i*****.s**. However, I get a s** error on website that says: command: slow query: 239 ms. Which, I remember correctly is an indication that the s** query has timed out essentially. Anyone else hit this snag?

    Thanks for your help!

    Update
    Nvm rooted.

    Harbard

  • is anyone available for giving a nudge on this machine??? im trying to use a CVE that has R** and S**F but unable to get it to implement properly.

  • @yukon0187 said:

    is anyone available for giving a nudge on this machine??? im trying to use a CVE that has R** and S**F but unable to get it to implement properly.

    Try injecting it into a modification request by tampering with the name field.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • Hello! I have been searching for the right CVE, as per the hints - I think I have the right one... It shows you how to confirm that it's a vulnerability... and it does -- Though I am having issues using javac without the right classes - Any help is appriciated!

  • user part was interesting. But don't worry about root part. İt's easy PEASy :) good luck!

  • edited November 2020

    Can anybody help me? This is my first machine. I can't find the CVE but I'm pretty sure I know the vulnerability (J**N). I think I need to know more though but I can't find anything useful. I've tried directly starting a shell by inputting true into the validation box and then entering a php reverse shell, but that just causes the website to lose connection or crash. I know I can find usernames and passwords through this vulnerability but idk how cuz I'm still learning burp and J**N.

  • edited November 2020

    Just hint me though. Don't give me the whole thing, I wanna try to figure this out with just hints

    Update: Maybe I was wrong? S** inj****** possibly.

  • Anyone can give me a little help? I've looking through the CVE's and having no luck with them. How did you narrow down to the right one?

  • edited November 2020

    Learned quite a bit with this box. Never had any experience with this type of vulnerability and I dont consider myself an expert after this either hahaha. Just understand more or less the basics of it. Wouldnt really know how to do a exploit myself tho because of my lack of knowledge of the programming languaje. I will learn it in the future tho, looks interesting.

    For those struggling:

    • User: look on internet for some articles on the vulnerability, there are many, there is just one that works. At least that I have tried. Look on blogs and not so much on tipical sites (hope it is not too much of a spoiler). Maybe you have to change it up just a bit.

    • Root: tipical privilege escalation scenario, maybe a PE script will help.

  • Type your comment> @zomry101 said:

    Rooted! First time I root machine alone (with some hints from the guys in the forum), If someone need help, feel free to DM me with what have you tried.

    I'm about to DM you for some help. If anyone else has any nudges, I'd appreciate it.

    Basically, I get the principle behind sp.x but I can't get J*** to fire it off the way google tells me it should.

  • Machine response to me "********* re**** *** SYS", But don't have any thing back to me. I don't know it became by connection or i did it in wrong way :(

Sign In to comment.