Official Armageddon Discussion

1235712

Comments

  • foothold: enumeration and cve
    user: more enumeration (pay attention to whats running on the machine)
    root: pretty straight forward (as @AbuQasem already said, a vulnerability that existed in prior versions can help you a lot...)

  • A> @DK9510 said:

    i found exploit for the machine for initial foot hold and it say target is vulnerable but cant able to generate a reverse_shell or session...any help

    I sometimes get caught out by a certain tool not detecting the correct local IP to use, or not remembering to open up the right port on my firewall.

  • Hello, I have a connection with the machine, but it does not let me leave the container folder of the web, and when performing a reverse shelll it does not create the meterpreter session

  • edited March 29

    i was able to use

    s***c**** pack xxxx
    

    command after having installed s*** and s***c***** on a normal kali machine. this creates a s*** from a directory. when installing a s***, it mounts it somewhere onto the file system, so i included set*** binaries in the s***. i don't think this is the intended route, though.

  • I feel like there is a lot of help on this so far. The only thing that I would suggest is to not overthink it (I know I did).

    Foothold: Easy to find from google
    User: Basic enumeration. If you have worked with web applications in the past with login screens, you should know what you're looking for. If you haven't, do some searches about setting up things like wordpress or dvwa. You'll see some information that will be useful in different files.
    Root: This was the headache for me. I overthought this a lot and wasted some serious time. There are some great posts about doing this exploit, but you may need to change a few things up. It's not about what you're installing, but what you do while you're installing ;)

  • edited March 30

    yay finally gotten user but root i do not have a clue.......... finally that "s***" came into my mind. lol. let's see how to work that "snap"

    I love to play my birds(Lovebirds) but now HTB has been taking away my love for them.
    '>.<

  • edited March 30

    Hi, has anyone managed to set up the "crafter" on MacOS? I keep getting an error that multipass is not configured properly although I have installed it as well.

  • Type your comment> @Aus3rn4m3Z said:

    Hi, has anyone managed to set up the "crafter" on MacOS? I keep getting an error that multipass is not configured properly although I have installed it as well.

    This might help you: https://snapcraft.io/docs/installing-snapcraft
    Personally, I used a Ubuntu VM.

  • Any clue on su giving "system error"? Which other service can i work with to log in as b************?
    I am stuck here help :)

  • Type your comment> @levanto said:

    Any clue on su giving "system error"? Which other service can i work with to log in as b************?
    I am stuck here help :)

    If you have the credentials, port 22 is open

  • Spoiler Removed

  • Got user, so easy machine and good for starters

    Hack The Box

  • edited March 30

    Type your comment> @obfucipher said:

    This might help you: https://snapcraft.io/docs/installing-snapcraft
    Personally, I used a Ubuntu VM.

    It works fine on Kali as well.

    https://flast101.github.io

    flast101

    QmUgQ3VyaW91cywgTGVhcm5pbmcgaXMgTGlmZSAhCg==

  • edited March 30

    I'm bashing my head into a wall right now...
    Got initial foothold under a****e using a popular framework. Cannot seem to connect to m***l, even from the shell. Tried port forwarding and still no luck. BTW, I have the credentials to connect, but can't seem to do so. Any help would be greatly appreciated.

    EDIT: NM, hahahaha... found the alternative, and much simpler, method ;)

    Hack The Box

  • To solve that machine enumeration is a key you already have everything infront of you......
    Root part is pretty simple if u stay on the genuine approach.....
    You must find out a way to solve what you found......

  • edited March 30

    Type your comment> @pL4sTiC said:

    I'm bashing my head into a wall right now...
    Got initial foothold under a****e using a popular framework. Cannot seem to connect to m***l, even from the shell. Tried port forwarding and still no luck. BTW, I have the credentials to connect, but can't seem to do so. Any help would be greatly appreciated.

    Same issue here - maybe it's a rabithole, or wrong creds?

    EDIT: nevermind :smile: syntax

  • Rooted.

    This box is both easy and hard. Easy to discover the entry points but requires some specific knowledge and toolsets to exploit.

    SE Linux was a bit of a pain in the buttons at one point but nice to see it.

    I'll be very interested in seeing exactly how others rooted this one. Mine was ugly but worked. Will watch for walkthroughs.

    I've found that in both htb I've done so far... Super easy to find the vector of attack but you need some specific knowledge. So you spend a day learning something that you never needed to use before. Not a bad experience but definitely can be frustrating.
  • finally rooted.
    user was pretty easy, but I don't know whats going on root way, Ican't get it all day long, but on the next day I did all the same things and got root....
    ???

    tips above enough

    Svilly

  • Rooted, pretty funny priv esc part, but may seems hard, when u understand the path to root and googling around will do a good job

  • edited March 31

    curious how people crafted. struggling with doing it from a container, thinking about spinning up a VMware instance of ubuntu?

    foothold - don't overthink it, search it.
    user - you already know from the hints
    root - it's all about setting up the right environment

  • I have a shell with the user a****e but can't find the password, only found the username b***********n. Any help? I saw some people saying to look at services and stuff, tried to search the command for that, but can't find anything that works

  • Type your comment> @UnknownRobot said:
    > I have a shell with the user a****e but can't find the password, only found the username b***********n. Any help? I saw some people saying to look at services and stuff, tried to search the command for that, but can't find anything that works

    You can msg me if you're stuck.
  • I think that there are two ways to do root, both oriented around the same program. One of them requires crafting correctly (and you may struggle with setting up the environment like I did depending on how your machine is configured) and the other relies on modifying an older vuln (but I was forced to revert the box before it worked).

  • Got user pretty easy
    And I have some lights on what I have to do to get root. Can someone help me building the s***?

    Hack The Box

  • getting a foothold and user was actually harder for me than getting root.

    foothold : look around google, OSINT.
    user : ENUMERATE, ENUMERATE, ENUMERATE, all you need is already where you are.
    root : there's a known exploit, you just need to craft it for your needs.

    There are actually a lot of hints on this discussion, so if you're having a hard time... just read everything here from page 1 to end.

    good luck!.

  • guys can you help me i cant open any websites from htb when i go to open any of then the error shows dns probe finished nxdomain in any box i checked everything from fixing dns and setting it to google and resetting network manger i just cant open the websites ending in .htb so please help me i am new here

  • @Darksward27 said:

    guys can you help me i cant open any websites from htb when i go to open any of then the error shows dns probe finished nxdomain in any box i checked everything from fixing dns and setting it to google and resetting network manger i just cant open the websites ending in .htb so please help me i am new here

    Three points:

    • you need to add the domains to your hosts file. HTB doesn't use DNS (and it would be a bit weird if it tried to really), so you have to tell your computer what IP address are which hostname.
    • you probably should work through the Starting Point boxes.
    • you might also want to look at the academy site to learn some of the basics.

    Note: I am not going to be available much in September.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • Type your comment> @pL4sTiC said:

    I'm bashing my head into a wall right now...
    Got initial foothold under a****e using a popular framework. Cannot seem to connect to m***l, even from the shell. Tried port forwarding and still no luck. BTW, I have the credentials to connect, but can't seem to do so. Any help would be greatly appreciated.

    EDIT: NM, hahahaha... found the alternative, and much simpler, method ;)

    Hey, could you PM me the alternate method? I've been trying to connect to the database, but to no avail. I have the creds.

  • Hint: For those with trouble connecting to m***l.
    There are other ways of dumping it ;-)

    Hack The Box

  • Foothold: The clue is in the name.
    User: A little two-step and then you can get in through the frontdoor.
    Root: The master of an older generation can show you the way with his teachings.

    Getting the thing to actually build seemed to be the hardest part.

Sign In to comment.