Hint for Sunday

Try Harder ;-)

m0noc

«13456720

Comments

  • @m0noc said:
    Try Harder ;-)

    ty

    Hack The Box

  • edited April 2018

    @m0noc said:
    Try Harder ;-)

    LMAO!!! :) you made my sat night :)

    ReK2

  • anyone to talk bout priv esc part.?
    I found something on priv esc but it's not working.

    B0rN2R00T

  • I have user but ... just wondering if I could make it alone without "being helped" by others. Those who are already in understand what I mean.

    m4rc1n

  • Somebody left me a gift on Sunday. I got root flag before having the user one. First time on HTB.

    m4rc1n

  • @B0rN2R00T said:
    anyone to talk bout priv esc part.?
    I found something on priv esc but it's not working.

    sure. I'm in there - but not root yet

  • anybody willing to talk about getting user?
    managed to enumerate and find some users but not sure how to carry on

  • @0c3r said:
    anybody willing to talk about getting user?
    managed to enumerate and find some users but not sure how to carry on

    I am on the same spot. Found a few users. now i am not sure what the next step is.
    I may have lost something on my nmap scans though

  • @0c3r said:
    anybody willing to talk about getting user?
    managed to enumerate and find some users but not sure how to carry on

    @w31rd0 said:

    @0c3r said:
    anybody willing to talk about getting user?
    managed to enumerate and find some users but not sure how to carry on

    I am on the same spot. Found a few users. now i am not sure what the next step is.
    I may have lost something on my nmap scans though

    Go back to your nmap, look for a point of access and the try some obvious guess work.

  • @The0Xypher said:

    @0c3r said:
    anybody willing to talk about getting user?
    managed to enumerate and find some users but not sure how to carry on

    @w31rd0 said:

    @0c3r said:
    anybody willing to talk about getting user?
    managed to enumerate and find some users but not sure how to carry on

    I am on the same spot. Found a few users. now i am not sure what the next step is.
    I may have lost something on my nmap scans though

    Go back to your nmap, look for a point of access and the try some obvious guess work.

    i have detected a point of access. but I left it aside as i felt i am missing the clues to use it.
    you are implying that random guessing is required? or i need to enumerate more to get a hint?

  • @The0Xypher said:

    @0c3r said:
    anybody willing to talk about getting user?
    managed to enumerate and find some users but not sure how to carry on

    @w31rd0 said:

    @0c3r said:
    anybody willing to talk about getting user?
    managed to enumerate and find some users but not sure how to carry on

    I am on the same spot. Found a few users. now i am not sure what the next step is.
    I may have lost something on my nmap scans though

    Go back to your nmap, look for a point of access and the try some obvious guess work.

    First step is indeed obvious, but now I'm trying to find something what will give me user and really cannot find anything. On 20p machine it should rather be something really simple.

    m4rc1n

  • @macw141 said:

    @The0Xypher said:

    @0c3r said:
    anybody willing to talk about getting user?
    managed to enumerate and find some users but not sure how to carry on

    @w31rd0 said:

    @0c3r said:
    anybody willing to talk about getting user?
    managed to enumerate and find some users but not sure how to carry on

    I am on the same spot. Found a few users. now i am not sure what the next step is.
    I may have lost something on my nmap scans though

    Go back to your nmap, look for a point of access and the try some obvious guess work.

    First step is indeed obvious, but now I'm trying to find something what will give me user and really cannot find anything. On 20p machine it should rather be something really simple.

    By user I mean flag. I can login

    m4rc1n

  • @w31rd0 said:

    @The0Xypher said:

    @0c3r said:
    anybody willing to talk about getting user?
    managed to enumerate and find some users but not sure how to carry on

    @w31rd0 said:

    @0c3r said:
    anybody willing to talk about getting user?
    managed to enumerate and find some users but not sure how to carry on

    I am on the same spot. Found a few users. now i am not sure what the next step is.
    I may have lost something on my nmap scans though

    Go back to your nmap, look for a point of access and the try some obvious guess work.

    i have detected a point of access. but I left it aside as i felt i am missing the clues to use it.
    you are implying that random guessing is required? or i need to enumerate more to get a hint?

    Well I got into the box using some educated guessing. If you've seen any of ippsec's videos on youtube, just do what he does. Go for some obvious guess. The entry to the box is similar to Valentine in the sense what you need is practically in front of you.

  • Anyone have any hints for priv esc? I dont see anything except a troll.

    lowpriv

  • @The0Xypher said:

    @w31rd0 said:

    @The0Xypher said:

    @0c3r said:
    anybody willing to talk about getting user?
    managed to enumerate and find some users but not sure how to carry on

    @w31rd0 said:

    @0c3r said:
    anybody willing to talk about getting user?
    managed to enumerate and find some users but not sure how to carry on

    I am on the same spot. Found a few users. now i am not sure what the next step is.
    I may have lost something on my nmap scans though

    Go back to your nmap, look for a point of access and the try some obvious guess work.

    i have detected a point of access. but I left it aside as i felt i am missing the clues to use it.
    you are implying that random guessing is required? or i need to enumerate more to get a hint?

    Well I got into the box using some educated guessing. If you've seen any of ippsec's videos on youtube, just do what he does. Go for some obvious guess. The entry to the box is similar to Valentine in the sense what you need is practically in front of you.

    This part I have (can login but still no access to the user flag), but no clue so far what to do next what amazes me, because this is 20p box.

    m4rc1n

  • edited April 2018

    @The0Xypher said:

    @w31rd0 said:

    @The0Xypher said:

    @0c3r said:
    anybody willing to talk about getting user?
    managed to enumerate and find some users but not sure how to carry on

    @w31rd0 said:

    @0c3r said:
    anybody willing to talk about getting user?
    managed to enumerate and find some users but not sure how to carry on

    I am on the same spot. Found a few users. now i am not sure what the next step is.
    I may have lost something on my nmap scans though

    Go back to your nmap, look for a point of access and the try some obvious guess work.

    i have detected a point of access. but I left it aside as i felt i am missing the clues to use it.
    you are implying that random guessing is required? or i need to enumerate more to get a hint?

    Well I got into the box using some educated guessing. If you've seen any of ippsec's videos on youtube, just do what he does. Go for some obvious guess. The entry to the box is similar to Valentine in the sense what you need is practically in front of you.

    Ok i feel so dump, i thought i had tried that combination more than once.
    i managed to log in after all. cheers

  • cool box

    Hack The Box

  • @macw141 said:

    @The0Xypher said:

    @w31rd0 said:

    @The0Xypher said:

    @0c3r said:
    anybody willing to talk about getting user?
    managed to enumerate and find some users but not sure how to carry on

    @w31rd0 said:

    @0c3r said:
    anybody willing to talk about getting user?
    managed to enumerate and find some users but not sure how to carry on

    I am on the same spot. Found a few users. now i am not sure what the next step is.
    I may have lost something on my nmap scans though

    Go back to your nmap, look for a point of access and the try some obvious guess work.

    i have detected a point of access. but I left it aside as i felt i am missing the clues to use it.
    you are implying that random guessing is required? or i need to enumerate more to get a hint?

    Well I got into the box using some educated guessing. If you've seen any of ippsec's videos on youtube, just do what he does. Go for some obvious guess. The entry to the box is similar to Valentine in the sense what you need is practically in front of you.

    This part I have (can login but still no access to the user flag), but no clue so far what to do next what amazes me, because this is 20p box.

    Same for me although I havent had time to really look into it yet. Gunna take a look myself in a bit.

  • @w31rd0 said:

    @The0Xypher said:

    @w31rd0 said:

    @The0Xypher said:

    @0c3r said:
    anybody willing to talk about getting user?
    managed to enumerate and find some users but not sure how to carry on

    @w31rd0 said:

    @0c3r said:
    anybody willing to talk about getting user?
    managed to enumerate and find some users but not sure how to carry on

    I am on the same spot. Found a few users. now i am not sure what the next step is.
    I may have lost something on my nmap scans though

    Go back to your nmap, look for a point of access and the try some obvious guess work.

    i have detected a point of access. but I left it aside as i felt i am missing the clues to use it.
    you are implying that random guessing is required? or i need to enumerate more to get a hint?

    Well I got into the box using some educated guessing. If you've seen any of ippsec's videos on youtube, just do what he does. Go for some obvious guess. The entry to the box is similar to Valentine in the sense what you need is practically in front of you.

    Ok i feel so dump, i thought i had tried that combination more than once.
    i managed to log in after all. cheers

    no problem bro

  • I think i found the way in to the box but yet did not get access to it can someone PM me on it.

    stormworm29

  • edited April 2018

    So I logged in as a user and cant seem to find how to access the user.txt as it is owned by Spoiler Removed - Arrexel. Can anyone PM me a hint on how to view the file or Priv escalation? Respect will be given

  • edited April 2018

    @lambda1776 said:
    So I logged in as a user and cant seem to find how to access the user.txt as it is owned by Spoiler Removed - Arrexel. Can anyone PM me a hint on how to view the file or Priv escalation? Respect will be given

    enumerate manually ;)

  • @S4ck said:

    @lambda1776 said:
    So I logged in as a user and cant seem to find how to access the user.txt as it is owned by sammy. Can anyone PM me a hint on how to view the file or Priv escalation? Respect will be given

    enumerate manually ;)

    I believe i did, i saw a interesting troll and thought it might have something to do with it but maybe im wrong. And i didnt see anything particularly interesting during the rest of the enumeration. Am i missing something?
    I am looking to improve my enumeration so tips or resources would help.

  • edited April 2018

    I went straight to Spoiler Removed - Arrexel and then got the flag 10m after very easy. if anyone needs help msg me in private

    ReK2

  • edited April 2018

    @rek2 said:
    I went straight to Spoiler Removed - Arrexel and then got the flag 10m after very easy. if anyone needs help msg me in private

    any hint for wordlist to crack root hash?

  • For a 20 point box this is messing with my head. Can someone give me a pointer? I can't get pass the part of user enumeration (done), or how to use the two open services...

  • @alquimista said:
    For a 20 point box this is messing with my head. Can someone give me a pointer? I can't get pass the part of user enumeration (done), or how to use the two open services...

    you need to enumerate more on services :)

  • alquimista same mistake i made, play about with nmap a bit more before rushing in on those "2" services.

  • @IrfanRizvi said:

    @rek2 said:
    I went straight to Spoiler Removed - Arrexel and then got the flag 10m after very easy. if anyone needs help msg me in private

    any hint for wordlist to crack root hash?

    msg me in private not sure if adding that here is a spoiler or not.

    ReK2

  • My nmap scans are taking way too long. Is that normal?

    Hack The Box

Sign In to comment.