Official Spectra Discussion

123457»

Comments

  • I rooted this but was wondering if anyone else had issues with the w* admin area? It was all broken for me. I reset the box same thing. When i clicked on themes then the panel returned and looked how it should. But if i clicked on dashboard the whole panel would disappear again. I probably don't make sense right now haha.

  • I've got foothold, but my sll is crummy and won't respond to commands. I've tried others as well, but I get the same inconsistencies. Anyone want to PM me a sll that worked for them and was stable for foothold? Thanks!

    Hack The Box

  • Not too hard but if u want to pwn! You shuld be able to understand bash script. good lucksh

  • I just completed this box. The first part was kind of hard, just because the website was not displaying the options properly and it took some time to get it working.

    Once inside the box, it went easier to obtain the flags. If anyone needs some hints let me know.

    Pepe

    pp123

  • edited May 27

    Type your comment> @Notorious1 said:

    I rooted this but was wondering if anyone else had issues with the w* admin area? It was all broken for me. I reset the box same thing. When i clicked on themes then the panel returned and looked how it should. But if i clicked on dashboard the whole panel would disappear again. I probably don't make sense right now haha.

    I think that is the "in development" aspect of the website. I experienced the same thing at least ;)

    I'm stuck as the n**** user for a couple of hours now, ran linpeas and other enum scripts and performed extensive manual enumeration, I just can't seem to find anything interesting.. I found valid creds for the db but there was nothing.. I would really appreciate a nudge at this point.

    Edit: found it, jesus, I went over this file like 3 times without realizing the potential -.-
    Edit2: Rooted, man, all that time lost while searching the damn file (is it really lost time? idk)

    dombg

  • At the moment I am dying... so far I have gained access to cms. From there I'm trying to upload a commonly known p***** but so far the webserver is blockin me... any nudges please?

  • Type your comment> @Gorichka said:

    Let me ask you a rudimentary question.

    When I run the file I edited with the nano command, it reverts to its original contents.

    What should i do?

    Same problem here. did you found any explanation?

  • Type your comment> @pp123 said:

    I just completed this box. The first part was kind of hard, just because the website was not displaying the options properly and it took some time to get it working.

    Once inside the box, it went easier to obtain the flags. If anyone needs some hints let me know.

    Pepe

    hi , I'm stuck as the n**** user, can you give some hint ?

  • @fixas said:

    hi , I'm stuck as the n**** user, can you give some hint ?

    Enumeration.

    Look for things that aren't normally on a system in a folder where the optional files are stored.

    Examine the data. Find loot. Use the loot.

    Note: I am not going to be available much in September.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • Type your comment> @TazWake said:

    @fixas said:

    hi , I'm stuck as the n**** user, can you give some hint ?

    Enumeration.

    Look for things that aren't normally on a system in a folder where the optional files are stored.

    Examine the data. Find loot. Use the loot.

    Thanks for your help

  • Rooted!
    Very easy on root privesc not so easy on user enumeration.
    If you need some hint just DM

  • why am i getting error establishing a database connection?

  • @twistednerd said:

    why am i getting error establishing a database connection?

    Probably because the page you are connecting to hasn't been configured properly. It might be worth investigating it a bit more.

    Note: I am not going to be available much in September.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • Type your comment> @TazWake said:

    @twistednerd said:

    why am i getting error establishing a database connection?

    Probably because the page you are connecting to hasn't been configured properly. It might be worth investigating it a bit more.

    Thanks for the reply. but i'm trying to access the admin.php in one of the directories.

  • @twistednerd said:

    Type your comment> @TazWake said:

    @twistednerd said:

    why am i getting error establishing a database connection?

    Probably because the page you are connecting to hasn't been configured properly. It might be worth investigating it a bit more.

    Thanks for the reply. but i'm trying to access the admin.php in one of the directories.

    Is that working?

    Because if it isn't, you might want to investigate the folders rather than a file that's generating an error message.

    Note: I am not going to be available much in September.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • Hello! Is anyone willing to have a discussion about the method used to root this box? I don't understand why the intended method works but an approach I first expected wouldn't. I'd love to learn why it works the way it does. Thanks in advance!

  • Hi, rooted it!
    For the foothold, I'd strongly recommend you don't overlook the second link on the main page! It might save you some time...
    Happy hacking!

  • Just rooted but no root.txt in the dir......just two flag looking letter / number combos but neither of them are the flag. Even had the machine reset and done the whole privesc process again twice. Still the same? Is the box broken or am I broken??

  • Cancel that.......I was broken

Sign In to comment.