Official Knife Discussion

124678

Comments

  • edited May 25

    hours trying to privesc, i need help please :neutral:

  • I'm having slight trouble with getting root. I have identified the vector. I think my syntax is incorrect potentially. I'm using the e**c command is that right? Can someone give me a nudge please

  • Yeah, I'd love a nudge on priv esc. if someone doesn't mind. I've been trying a lot of commands and variations of commands to abuse the utility. Not sure if I'm 100 ft. or one inch away.

    FWIW, initial foothold was kind of "fun."

  • Type your comment> @kurogai said:

    Need help with root part, i think i missed something, but need help

    check what the user can do and read the help option> @maru37 said:

    Yeah, I'd love a nudge on priv esc. if someone doesn't mind. I've been trying a lot of commands and variations of commands to abuse the utility. Not sure if I'm 100 ft. or one inch away.

    FWIW, initial foothold was kind of "fun."

    you can read the documentation online for more detail and then just use it to execute payload

  • Done. Nice box - path was straightforward but involved trying some new things. Thanks @MrKN16H !

  • first time doing it on the release arena and manage to get the user flag and working on root...everything is there for the foothold and user flag. just need some Google-fu here and there

  • User done..

    I'm struggling with root. I think in the right place just struggling to understand the usage/syntax needed with the k**** command. Can anyone nudge any pointers or docs which are useful pls? I assume one of the commands in the help list is what I need to use

  • I just cannot connect to the machine, I tried different VPNs but still no luck. The machine is always unreachable. Is the machine only for VIP members??

  • Type your comment> @zvfhxxxxz said:

    User done..

    I'm struggling with root. I think in the right place just struggling to understand the usage/syntax needed with the k**** command. Can anyone nudge any pointers or docs which are useful pls? I assume one of the commands in the help list is what I need to use

    Never mind. I was a fool and didn't add the flag after the ***** ***c command :)

  • edited May 26

    Foothold and user : Well, guys are wright ! Don't look for any webapp but a daemon. There's a recent vulnerability on it. I'm shocked ! :neutral:

    Root : well. I see a knife thing. Is it this ? ... thank you guys for leaving hack tricks on server. So the answer was just in front of my eyes but I missed the chance to search a bit by myself :smiley: .

  • edited May 26

    Thanks to @zvfhxxxxz and @elveskevtar for the nudges.

    Anyone ever have trouble submitting a root.txt flag and getting "incorrect flag"?

    EDIT: It appears the flags change when the box is moved from the release arena to the active machines section. Re-rooted and got a different flag which was accepted.

  • Rooted.

    If anyone has a question i would be happy to help you out!

    User: Look for version number on what the website is running would be my main pointer

    Root: don't look to far you will only need to enumerate 1 command and do some googling (maybe you will see it without google) and than it 1 simple command and you are root!

    Hack The Box

  • Was struggling with foothold more than needed going down rabbit holes. Phew. Once fh identified user and root took literally seconds.

  • Got foothold immediately but can't seem to figure it out how to exploit the tool. could use some help

  • rooted it without any help.

  • edited May 27

    Type your comment> @Lalith71 said:

    Wow found nothing with 40 mins of enum any nudges you guys?

    Nope

  • edited May 27

    Hello

    Starting the box...

  • is anyone willing to provide hint, stuck at root.
    got user using Chinese help.

  • Type your comment> @IamMegalodon said:

    is anyone willing to provide hint, stuck at root.
    got user using Chinese help.

    try to see what you can do as the user, and remember that often the name of the box is some form of hint ... (linpeas can help but you should do this basic enum everytime for easy / medium boxes)

    after that, read the documentation online and with trial and error you should be able to get root !

    CyanSkyAbove

  • edited May 27
    🤔
  • Found a way to get the user flag, and find the way to get the root but since i cannot get a reverse shell i don't think that the method will work
  • Got root !

    Initial Foothold/User : very simple if you can find the exploit

    Root : usual enumeration will tell you what to look for, after that read the documents you will find a way to execute your payload.

    DM me for nudges !!! :)

  • edited May 28

    Got user trying to get root. Stuck at k***e command, don't know what to do with it, any tips will be accepted.

    FOOTHOLD and USER: Try to find version of something that is used a lot in webapps and google it.

  • Rooted :naughty:

    Hack The Box

  • Pretty easy one! Can't even think of hints that do not disclose it completely!

    Anyone that needs some help/guidance, pm me!

    Just say upfront what you have and where you stuck!

  • @busshi can you tell me here please ? i cannot find a path for root, i access k...e menu and then.. :-s

  • Rooted. This was a fun box.
    User: Don't rabbit hole... There is much information in the ways of recon
    Root: You should find what you need almost immediately. Remember your Priv Esc enumeration and what your user can do... Then from there... look for how the tool can be leveraged...
    SPECIAL HINT: A good rule of thumb (In general that MIGHT be applicable to this box) is to remember that there are other shells that have already been written... Sometimes generating your own isn't necessary.

  • Rooted! Lots of good hints on this thread but I'll leave my two cents.

    Foothold: Something I always see but never have had to check until now.

    Root: Maybe something in the help menu can help you?

    DM me for a nudge :)

    Hack The Box

  • Quite a fun box. Very recent exploits so it was impressive that HTB were able to build and deploy this so quickly.

    Note: I am not going to be available much in September.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • Fun box, easy though, but fun! Thanks to the makers. DM me if you need help.

    image

Sign In to comment.