Official TheNotebook Discussion

1246

Comments

  • Am stuck at the door of the root own... Tell me if you get the same problem while executing main file :

    ./main: error while loading shared libraries: libgo.so.16: cannot open shared object file: No such file or directory

    I don't want to spoil so my DM are open !

  • Given the discussion of '2 sessions' above - Pretty sure I took an unintended path from user=>root. @mostwanted002 gimme a DM if you are interested to discuss.

    I enjoyed the box, and learned something in foothold - thanks!

    malc

  • Really enjoyed this box! Respect to the author.

    Both foothold and priv-esc techniques were new to me -- both use technologies you've most likely abused before, I just doubt you've abused them in these specific ways. Definitely learnt something new here!

    Happy to try and take DMs on this if you can tell me what you've done/tried!

    5ysk3y

    For assistance:

    1) Give me some insight as to what you've tried already, or ideas you've moved past
    2) Don't expect me to give you the answer-- that defeats the object of being here.

    If you find my assistance useful, in any case, please consider clicking that awesome respect button on my profile!

  • Stuck at foothold

    I've tried exploiting J** via k** parameter an n*** a********. Am I going in the right direction or am I overcomplicating things?

  • edited May 6

    I was stuck on foothold for so long, wondering why it wasn't working, only for me to figure out that it was because I was using the wrong email address. Needless to say, I'm embarrassed lol
    My PMs are open if anyone wants nudges for foothold! I'm online most of the time

    edit: Rooted! (kinda). Got the flag but couldn't figure out how to get a full connection back. Would love to run my attempts by someone to see what I was doing wrong!

    DM me if you need any advice on getting root flag!

  • Type your comment> @mostwanted002 said:

    Good luck, everyone! This is my first submission for the platform. Looking forward to having your precious feedback to create more content. :)

    This was a great box! Thank you for making it

  • Type your comment> @therodri2 said:

    Stuck at foothold

    I've tried exploiting J** via k** parameter an n*** a********. Am I going in the right direction or am I overcomplicating things?

    You are definitely going in the right direction. Remember that new k** needs to be on the j** as well.

    C3libarin

  • @5ysk3y said:
    Really enjoyed this box! Respect to the author.

    Both foothold and priv-esc techniques were new to me -- both use technologies you've most likely abused before, I just doubt you've abused them in these specific ways. Definitely learnt something new here!

    Happy to try and take DMs on this if you can tell me what you've done/tried!

    Agreed! Really loved these new techniques for old abuses.

    C3libarin

  • Stuck on root... could someone pls give me a nudge? I have found something I can execute, but there is nothing to execute it on. Also it seems I can't start the thing in the first place. Maybe I'm in a rabbit hole?
    Like to discuss further...

  • Type your comment> @Xen0m0rph said:

    Stuck on root... could someone pls give me a nudge? I have found something I can execute, but there is nothing to execute it on. Also it seems I can't start the thing in the first place. Maybe I'm in a rabbit hole?
    Like to discuss further...

    Remove the wildcard at the end of such commands.

    C3libarin

  • Hi guys, Im stuck at foothold, i try modified the kd field, the admn_ap field and generate my own private key but i still can't authorized.
    I would be very appreciate to receive any hints

  • Rooted. any help dm as usual . Help assured from me :)

    Eat-Sleep-Shit-Repeat Security
    kragle
    If I helped you, you may +1 with respect

  • edited May 13

    Can someone just confirm that for user flag its the folder /t##/.bo##? Looks weird to me that this is the way, and I want to do the intended way

    Hack The Box

  • Type your comment> @C31ibarin said:

    Remove the wildcard at the end of such commands.

    Thanks @C31ibarin ! I thought I had tried that, but obviously I didn't.
    Rooted now.
    That was a fun box, learned a lot! Thx @mostwanted002 !

  • edited May 16

    @jsarmz said:
    Can someone just confirm that for user flag its the folder /t##/.bo##? Looks weird to me that this is the way, and I want to do the intended way

    No it's not. :wink:
    The user flag is in its usual location in the user's home directory.

  • edited May 17

    @m1tch404 said:

    Am stuck at the door of the root own... Tell me if you get the same problem while executing main file :

    ./main: error while loading shared libraries: libgo.so.16: cannot open shared object file: No such file or directory

    I don't want to spoil so my DM are open !

    Having the exact same issue, did. you manage to solve it?

  • Type your comment> @3ctr1x said:

    @m1tch404 said:

    Am stuck at the door of the root own... Tell me if you get the same problem while executing main file :

    ./main: error while loading shared libraries: libgo.so.16: cannot open shared object file: No such file or directory

    I don't want to spoil so my DM are open !

    Having the exact same issue, did. you manage to solve it?

    Same here, anyone I can DM about it?

  • Thanks @mostwanted002 . Cool machine. Especially first part (foothold) was tricky enough and interesting.
    User and root were relatively straightforward if you follow standard enumeration and and research discipline.
    pm me for nudges

    al3ksec

  • Any hint for foothold?

    If i helped you, i would like to receive a respect
    Hack The Box

  • I'm stuck on root. I feel like I'm at my wits end. Can anyone PM me a hint? I feel like I'm overlooking something.

  • @lumen said:

    I'm stuck on root. I feel like I'm at my wits end. Can anyone PM me a hint? I feel like I'm overlooking something.

    There is a public exploit. It probably needs two sessions running to make it work.

    Note: I am not going to be available much in September.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • Type your comment> @TazWake said:

    @lumen said:

    I'm stuck on root. I feel like I'm at my wits end. Can anyone PM me a hint? I feel like I'm overlooking something.

    There is a public exploit. It probably needs two sessions running to make it work.

    Yeah, I've tried using the Frieen CE and budin* the g* sct after making changes. I'm just having issues with it actually wanting to work ins**e the co***n*r. Doesn't run just throws an error.

    ./main: error while loading shared libraries: libgo.so.16: cannot open shared object file: No such file or directory

  • @lumen said:

    ./main: error while loading shared libraries: libgo.so.16: cannot open shared object file: No such file or directory

    Double check how it is being compiled. I don't know for sure but this looks like it is expecting a library on the target which doesn't exist.

    When you run the build, do you get any messages or output?

    Note: I am not going to be available much in September.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • Type your comment> @TazWake said:

    @lumen said:

    ./main: error while loading shared libraries: libgo.so.16: cannot open shared object file: No such file or directory

    Double check how it is being compiled. I don't know for sure but this looks like it is expecting a library on the target which doesn't exist.

    When you run the build, do you get any messages or output?

    I don't get any messages from building, it just creates the file.

  • @lumen said:

    I don't get any messages from building, it just creates the file.

    Ok, that implies it worked which makes the error seem kind of strange.

    Are you definitely inside the c*******r when you run it?

    Note: I am not going to be available much in September.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • Type your comment> @TazWake said:

    @lumen said:

    I don't get any messages from building, it just creates the file.

    Ok, that implies it worked which makes the error seem kind of strange.

    Are you definitely inside the c*******r when you run it?

    Yeah and I have rt inside of it. I use the so command with no asterisk and tack on /b**/***h

  • @lumen said:

    Yeah and I have rt inside of it. I use the so command with no asterisk and tack on /b**/***h

    Ok - this might get complex to avoid spoilers. Double check the commands you are using to spawn the two c******r instances.

    Note: I am not going to be available much in September.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • Type your comment> @TazWake said:

    @lumen said:

    Yeah and I have rt inside of it. I use the so command with no asterisk and tack on /b**/***h

    Ok - this might get complex to avoid spoilers. Double check the commands you are using to spawn the two c******r instances.

    Not sure what changed from last night, but reran it all and it just worked. shrug. Thanks!

  • @lumen said:

    Not sure what changed from last night, but reran it all and it just worked. shrug. Thanks!

    At least it works now :smile:

    Note: I am not going to be available much in September.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • Lots of fun, I learnt some new techniques for foothold and root. Thanks to the creator! PM for nudges

Sign In to comment.