Official Armageddon Discussion

1246712

Comments

  • Type your comment> @J4ckFr0st said:

    how to get a file into armageddon from my machine without curl and wget, cz wget not installed and curl isnt downloading runs for a file and time outs

    Are you using curl -o $filename ?

  • After far too many hours this weekend I finally managed to figure out the last step and get a copy of the root flag. I had trouble getting the original toe-hold because a mistake made me discount the solution, getting the root was a lot of trial and error on something I hadn't touched before; I'll be keen to see the write-ups and how much more elegant other did it.

  • Good box! Foothold and user are a lot easier than root. Root was interesting, I had trouble finding a good resource on what's needed. Some hints:

    Foothold: Look around and Google. There are tools/scripts out there to help
    User: Think about how everything is connected. Look for running services
    Root: What you see isn't a red-herring. Like other's have said - you will have to craft what you need

  • Spoiler Removed

  • edited March 29

    Jesus christ. Just managed to root the box after a lot of errors.

    If you have errors of the s**p not creating the u**r, resetting the machine seemed to work for me. After that, it created them fine.

  • edited March 29

    rooted

    Hack The Box

  • May or may not be on the right track but was anyone able to get the r*** script to work? i'm not a r*** person so not sure what it's asking.. looks to be having trouble importing a dependency?

  • Type your comment> @moose said:

    May or may not be on the right track but was anyone able to get the r*** script to work? i'm not a r*** person so not sure what it's asking.. looks to be having trouble importing a dependency?

    JK :) found a script with a language I'm familiar with.

  • The root part is absolutely infuriating. I know what to do but crafting the s*** is a huge PITA, I've had to try 3 different environments so far because it wouldn't work under WSL2, then I had KVM issues... Hopefully I can get this down soon.

  • Having trouble connecting to the d***base. Have creds to view but not able to view the output in my shell. Any ideas?

  • @moose said:

    Having trouble connecting to the d***base. Have creds to view but not able to view the output in my shell. Any ideas?

    Try merging your connecting with what you want to do right after you connect. Check if a one-liner could help you achieve that.

  • edited March 29

    hi senpai, tried common ports like 20, 21, 22, 23, 25, 80, 110, 143, 443
    but i just couldnt get a reverse shell . any hint please.

    I love to play my birds(Lovebirds) but now HTB has been taking away my love for them.
    '>.<

  • How can i root if my cpu doesn't support nested virtualization?

  • > @moose said:
    > Having trouble connecting to the d***base. Have creds to view but not able to view the output in my shell. Any ideas?

    You can actually use you present shell also just know the tables and boom you will get everything
  • Type your comment> @TGRHavoc said:

    Jesus christ. Just managed to root the box after a lot of errors.

    If you have errors of the s**p not creating the u**r, resetting the machine seemed to work for me. After that, it created them fine.

    Same here, wasted "hrs" trying to figure out why my crafted thing didn't work. After reset the thing kicked suddenly in.

    Not a fan of this box but learned something new while doing root which I would otherwise probably never have researched deeper.

    k4wld
    Discord: k4wld#5627

  • Type your comment> @SlaCk3rxD said:
    > hi senpai, tried common ports like 20, 21, 22, 23, 25, 80, 110, 143, 443
    > but i just couldnt get a reverse shell . any hint please.

    on the foothold. all you need is a simple enum. take a look at versions. ๐Ÿ˜‰
  • Type your comment> @1z3n said:

    Type your comment> @SlaCk3rxD said:

    hi senpai, tried common ports like 20, 21, 22, 23, 25, 80, 110, 143, 443
    but i just couldnt get a reverse shell . any hint please.

    on the foothold. all you need is a simple enum. take a look at versions. ๐Ÿ˜‰

    Hello, yeah i have gotten the web application and the version. Google given me couple of CVE that seems to be able to edit alittle for a reverse shell on the vulnerable site. but some reason i just couldnt get my shell =(

    I love to play my birds(Lovebirds) but now HTB has been taking away my love for them.
    '>.<

  • Type your comment> @SlaCk3rxD said:
    > Type your comment> @1z3n said:
    >
    > (Quote)
    > Hello, yeah i have gotten the web application and the version. Google given me couple of CVE that seems to be able to edit alittle for a reverse shell on the vulnerable site. but some reason i just couldnt get my shell =(

    Try metasploit ๐Ÿ˜
  • hey, I'm new to ethical hacking and pentesting and literally cant find anything to get user, could someone help me / give me a hint? would be very appreciated :) thanks in advance

  • Type your comment> @sebba said:

    How can i root if my cpu doesn't support nested virtualization?

    Believe me, this is not necessary at all.

    Arrexel

  • Type your comment> @Muzec said:

    Type your comment> @SlaCk3rxD said:

    Type your comment> @1z3n said:

    (Quote)
    Hello, yeah i have gotten the web application and the version. Google given me couple of CVE that seems to be able to edit alittle for a reverse shell on the vulnerable site. but some reason i just couldnt get my shell =(

    Try metasploit ๐Ÿ˜

    Heh. nevermind. i got it. finally one source from github works.

    I love to play my birds(Lovebirds) but now HTB has been taking away my love for them.
    '>.<

  • Greetings to All,

    I've managed to execute remote command but enable to get shell on server even tried wget or curl but file not created via those cmd. any hint ?

  • Type your comment> @scorpoin said:

    Greetings to All,

    I've managed to execute remote command but enable to get shell on server even tried wget or curl but file not created via those cmd. any hint?

    There is an exploit in a famous framework called ms*c***e

  • Type your comment> @Muzec said:

    @moose said:
    Having trouble connecting to the d***base. Have creds to view but not able to view the output in my shell. Any ideas?

    You can actually use you present shell also just know the tables and boom you will get everything

    Tried using the correct m**** syntax but it's not showing any output in my shell. I'm using the m*f****** shell if that matters.

  • Type your comment> @moose said:

    Type your comment> @Muzec said:

    @moose said:
    Having trouble connecting to the d***base. Have creds to view but not able to view the output in my shell. Any ideas?

    You can actually use you present shell also just know the tables and boom you will get everything

    Tried using the correct m**** syntax but it's not showing any output in my shell. I'm using the m*f****** shell if that matters.

    Yes I was confused about that too but it works just put in the commands.

  • Type your comment> @moose said:

    Type your comment> @Muzec said:

    @moose said:
    Having trouble connecting to the d***base. Have creds to view but not able to view the output in my shell. Any ideas?

    You can actually use you present shell also just know the tables and boom you will get everything

    Tried using the correct m**** syntax but it's not showing any output in my shell. I'm using the m*f****** shell if that matters.

    I had the same problem. Don't know why, mb it's a spoiler, but sql commands are working, but doesn't showed. Try to exit (exit; ?) after you put your commands, with the error you will see your commands and response

  • Type your comment> @aksofar said:

    Type your comment> @moose said:

    Type your comment> @Muzec said:

    @moose said:
    Having trouble connecting to the d***base. Have creds to view but not able to view the output in my shell. Any ideas?

    You can actually use you present shell also just know the tables and boom you will get everything

    Tried using the correct m**** syntax but it's not showing any output in my shell. I'm using the m*f****** shell if that matters.

    Yes I was confused about that too but it works just put in the commands.

    Can you pm me how you were able to view the output? It appears my syntax is working but I can't see any of the output.

  • Type your comment> @moose said:

    Type your comment> @aksofar said:

    Type your comment> @moose said:

    Type your comment> @Muzec said:

    @moose said:
    Having trouble connecting to the d***base. Have creds to view but not able to view the output in my shell. Any ideas?

    You can actually use you present shell also just know the tables and boom you will get everything

    Tried using the correct m**** syntax but it's not showing any output in my shell. I'm using the m*f****** shell if that matters.

    Yes I was confused about that too but it works just put in the commands.

    Can you pm me how you were able to view the output? It appears my syntax is working but I can't see any of the output.

    Figured out. Thanks :) if anyone needs any help, let me know.

  • @menkar411 said:
    Type your comment> @moose said:

    Type your comment> @Muzec said:

    @moose said:
    Having trouble connecting to the d***base. Have creds to view but not able to view the output in my shell. Any ideas?

    You can actually use you present shell also just know the tables and boom you will get everything

    Tried using the correct m**** syntax but it's not showing any output in my shell. I'm using the m*f****** shell if that matters.

    I had the same problem. Don't know why, mb it's a spoiler, but sql commands are working, but doesn't showed. Try to exit (exit; ?) after you put your commands, with the error you will see your commands and response

    Thanks! :)

  • i found exploit for the machine for initial foot hold and it say target is vulnerable but cant able to generate a reverse_shell or session...any help

Sign In to comment.