Official TheNotebook Discussion

Official discussion thread for TheNotebook. Please do not post any spoilers or big hints.

«13456

Comments

  • Good luck, everyone! This is my first submission for the platform. Looking forward to having your precious feedback to create more content. :)

  • The machine appears to be living up to it's difficulty level

    badge

  • Type your comment> @mostwanted002 said:

    Good luck, everyone! This is my first submission for the platform. Looking forward to having your precious feedback to create more content. :)

    So far so good! Struggling so far ;)

    Hack The Box

  • Enjoying your machine friend!

    Apreciando sua maquina amigo!

    Hack The Box

  • edited March 6

    Very interesting box so far. I'm stuck on the privesc; not really sure where to go from here. It's a head-scratcher.

    EDIT: I'm an idiot. As always, the answer was to actually enumerate properly instead of improperly.

    Alh4zr3d

  • Hello,

    I think I've found a way to get a foothold and have got the machine to successfully request a file from my machine, but I'm not sure where to go from there.

    I've also noticed that I can edit a few values somewhere but have gotten no results.

    Am I even on the right track? A nudge would be appreciated

    badge

  • need help at foothold please. I'm out of left options

    Hack The Box

  • Got RCE but stuck on PrivEsc ; funny route to RCE

  • edited March 7

    Got RCE but stuck on PrivEsc ; funny route to RCE

    @update got first user xD is pretty easy

    Rooted~ funny box if u need hint write me a PM

  • Got RCE but stuck on Privesc
  • Rooted.
    Pretty easy machine in comparison to other medium boxes.
    P.M. for a nudge

    Hack The Box

  • stuck on privesc to root, can I get a nudge please i tried everything i could think off

  • Just got foothold, love it!
  • Thanks for the fun box @mostwanted002! :)

    jamesa

  • edited March 7

    Nice box, I was a bit off on the beginning because my "exploit" didn't work but after a while it started so I don't really know why. Anyway rooted :smiley:

  • Thanks for the good machine mostly the root part @mostwanted002 :smiley:

  • Finally rooted this one. Nice box @mostwanted002!

    Foothold was definitely the funniest part for me.

    For user: enumerate enumerate enumerate, and beware the rabbit holes. There's a pretty huge one I fell into and took me a lot of time, but I learned new stuff in the process, so I guess I don't regret going down to it ¯\_(ツ)_/¯

    Root is maybe the easiest part: consider what you can do, maybe take a look at rate matrix for hints on what you should enumerate.

    PM me for hints, but make sure to include proof that you have done your homeworks :wink:

  • Thank you, everyone! Your feedback means a lot. I'll be trying to make more submissions ahead. :D

  • Very enjoyable machine. I learned something new, thanks @mostwanted002

    sparrow1

  • id
    uid=0(root) gid=0(root) groups=0(root)
    [email protected]:/#

    What a journey,learned new things,overall nice box :)

  • Got user ¯_(ツ)_/¯ but struggle with root part so far. 👀 for a nudge how to use that *ock** command i could run under root rights.

    HD0x01

  • Rooted nice machine thanks to machine creator
  • Don't really get it hahah. Am I supposed to hit the so**** on lo*ho via the j** co****? Cause I tried pretty much everything else :D rofl I don't get it ahha

  • edited March 7

    Anyone got a nudge on root? cant seem to get the root shell to kick

    Nevermind i got it

  • In the mean time I installed the node app that nmap reported for the highest port (probably not correct) haha it took forever cause all deps where broken but then it worked and I made a websocket connection on my box but guess what lol didn't work on the notebook. damn going to bed probably fooled by a funny box :D :D great job! love it.

  • edited March 8

    Hi
    Can't seem to understand the way to foothold. I used gobuster multiple times, didn't find anything useful. Analyzed all the requests, not found anything. Searched for vulns for the nginx version, did not find anything useful. Cannot find any creds of any admin account. Not much functionalities available after signup. Now I'm definitely missing something.
    Also I don't have any idea about the rx**i on port 1***0, might be the correct path. Can anyone point me to the right direction.
    Thanks

  • [email protected]:/root# id
    id
    uid=0(root) gid=0(root) groups=0(root)

    Great machine, thank you for the help and for making this one!
    @mostwanted002

    Hack The Box

  • edited March 8

    Spoiler Removed

  • Finally I got it working ;)

    root
    thenotebook
    uid=0(root) gid=0(root) groups=0(root)

    ¯_(ツ)_/¯

    HD0x01

  • Finally rooted it... great box @mostwanted002

    Hack The Box

Sign In to comment.