Poison

11718192022

Comments

  • @GH05TCD said:
    Is the grey screen a fault? Or am I not doing something right?

    It's expected depending on how you're connecting. Fixable, just google a solution (there are other posts in this thread that discuss this in more detail than they should, just fyi)

  • @squadron68 said:
    can someone PM how to root this thing, i don't have idea how to deal with that ******.zip

    As others have said, the information you need is in a man page

  • HAHA got it boiz! If you need any hints send me a pm maybe I can help.

    NostromoLain

  • Hi,
    I've got a hint, that would really help me - sometimes machine sees a difference between localhost and 127.0.0.1...
    I've been struggling with this, even though I knew exactly what is wrong with the machine.

  • I've read almost all the comments, i have the secret i think i understand what i should do but still i can't continue! If someone want to p.m so i can tell him what i'm doing without spoiling will be great!

  • rooted. this was a pain for me... this was a lot of hours googling... processes and tunneling are the keys. feel free to PM

    OSCP

    Hack The Box

  • edited August 2018

    sorta agree with the guy above, rooted as well, pretty straight forward but if you haven't done something like this before it could get result in loads of googling, feel free to hmu anytime as well

    Hack The Box

  • edited August 2018

    can someone PM me regarding SSH private key for this box? I think I'm onto something but am missing something as well

  • My first server :D, two interesting days.
    The comments are rights, just enumerate the services and understand how they works, then using the file.
    I learned a lot.

  • edited September 2018

    hello, desperate newbie here. Two issues:
    1) on my first scan, I found two open ports and two filtered ones (one even corresponding to a known and useful service - or at least I thought so). Problem is, I can't find those two services anymore, they don't show up in my scan. I tried resetting the box several times, nothing changed. Did I allucinate?

    2) I was able to find a username by decoding the password backup. I thought of using it in *** but I can't figure out the password (I found the pwd file but all the entries are simpy '*'). It was stated several times that no bruteforce is needed here, so...What am I missing?

  • edited September 2018

    @federella You've done the right thing by finding a username... Perhaps you might enumerate a little more and find a password somewhere?

  • how do you unzip the zip file because i've tried "unzip -p passwd zipfile" and it didnt work....

  • edited September 2018

    @Andromalius said:
    @federella You've done the right thing by finding a username... Perhaps you might enumerate a little more and find a password somewhere?

    That's what I thought but I'm stuck. the passwd file was useless and I can't find the shadow file so...I don't know what to look for!

    EDIT: i feel so stupid! I already had the password lol

  • I have previously owned the user and submitted the hash. However now I try to login the same way the password no longer works? It kept saying Permission Denied.. Did someone change the password or something?? Very puzzled..

    Hack The Box

  • > @julietta said:
    > I have previously owned the user and submitted the hash. However now I try to login the same way the password no longer works? It kept saying Permission Denied.. Did someone change the password or something?? Very puzzled..

    I would double check the password is right. If you're copy/pasting it rather than typing it... Here's a hint.

    Try echoing it before you use it in the connection. Does it still look right?
  • For any who have trouble extracting a zip file... If you're using the command unzip -P "***" you might get an 'incorrect password' even if you are right.

    Try just using unzip on the file, then enter the password at the prompt.

    Hope that isn't a spoiler, but at least I learned how to use the unzip command the right way.
  • I must be super dumb but I can't find this backup password file people keep mentioning. I've got an LFI so can read passwd and I've dirbed and dirbusted it with the supplied lists but it's not bringing anything like that up. What am I missing?

  • edited September 2018

    @NeilSec If you got user, you really shouldn't have any trouble finding it.

    Edit: Unless you mean for privesc, in which case the above hints should be more than sufficient with research or knowledge. (Time machine stuff)

  • @Andromalius said:
    @NeilSec If you got user, you really shouldn't have any trouble finding it.

    Edit: Unless you mean for privesc, in which case the above hints should be more than sufficient with research or knowledge. (Time machine stuff)

    I got a user by LFIing the passwd file. Not sure how that helps me find a password file that I don't know the name of?

  • @NeilSec So you haven't gotten on the machine, and you're wondering why you can't see the password backup people are talking about?

    ... Just saying

  • @Andromalius said:
    @NeilSec So you haven't gotten on the machine, and you're wondering why you can't see the password backup people are talking about?

    ... Just saying

    Ah OK....some comments imply they got onto the machine by finding an encrypted password file for the user found via the LFI....or maybe they didn't but I assumed they did.

  • @NeilSec Having done the box, I'm going to assume they were talking about something different.

    If you don't know how they got on the box, my hint to you would be to enumerate more. You might find something useful you missed before.

  • edited September 2018

    rooted, big thanks to @mcruz and the source he provide. For those who need help, Spoiler Removed - Arrexel

  • @Andromalius said:
    @NeilSec Having done the box, I'm going to assume they were talking about something different.

    If you don't know how they got on the box, my hint to you would be to enumerate more. You might find something useful you missed before.

    Strange. I just found the file by looking a bit harder. Maybe you got in a different way?

  • Stuck on priv esc for the last 2 days. I think I'm heading in the right directions but any more hints would be great.

  • @scando said:
    Stuck on priv esc for the last 2 days. I think I'm heading in the right directions but any more hints would be great.

    5 Mins after posting this I'm in. Root dance time.

  • yes. I tried all these methods. I am able to connect to that port. But the screen is grayed out with big X mouse. Some pixel alignment problem. Tried different pixels there. But no solution.

    sesha569

  • Rooted. Nice box. Learned a lot.

  • Hi, can someone PM me with some hints, I got LFI and RCE, but I am not able to open a rev shell. Thanks

  • @sesha569 said:

    yes. I tried all these methods. I am able to connect to that port. But the screen is grayed out with big X mouse. Some pixel alignment problem. Tried different pixels there. But no solution.

    sometimes u might need to wait for awhile/ reset and redo the steps. mine was extremely unresponsive on my first try.

Sign In to comment.