Hint for Sunday

18911131420

Comments

  • I got user, now need help getting to root. PM if you have time?

  • can someone reset the machine please and for the sake of might you don't have to grab the file to the server yo can post...

  • Ufff, rooted! (well, actually I was trying to crack root's password, but it was just too slow, so I made workaround and just asked for a root.txt file. I am not sure if this is the way, but it worked)

    Hack The Box
    If you appreciate my help, please give +1 respect https://www.hackthebox.eu/home/users/profile/50022

  • i'm stuck on the hash. I can use both john and hashcat to crack the original user/pass but not the second. i've read through the options and tried a few things but still no luck.

  • @royc3r said:
    i'm stuck on the hash. I can use both john and hashcat to crack the original user/pass but not the second. i've read through the options and tried a few things but still no luck.

    Send me a PM I will try to help you.

    v1ew-s0urce.flv
  • edited July 2018

    done to get root.txt

  • edited July 2018

    [ATTEMPT] target 10.10.10.76 - login "spoiler removed" - pass "19071907" - 14239 of 14344408 [child 0] (0/9)

    Using hydra with rockyou.txt on high port, going very slow. Am I on right the right track? Using the only username that had been logged in from list I found by negotiating another service. Also used metasploit to check for users.

    Hack The Box

  • edited July 2018

    For priv esc, try to see what commands can use the users, and after that READ THE MAN PAGE !!
    this last step help me to get all for priv esc, including the root.txt

    Hack The Box

  • edited July 2018

    Not sure if this is the right direction, but I'm trying a basic brute force for a service on the host and 2 well known tools are completely shitting themselves and not working at all. Don't want to give too much away, so if someone wouldn't mind dropping me a DM and giving me a second opinion, I'd really appreciate it.

    EDIT: Neeeevermind. Used a different tool and had success. Still not sure why the other two didn't work, but whatever!

    Pavornoc

  • Wow, loved this box! I rooted it and learned some cool stuff from it.
    Ping me if you need any help (no spoilers) :D

    Hack The Box

  • Enjoyed getting through the user and PE. It was simple in the end. I skipped it several time to work on other machines as I did not get in initially. I must remind myself to keep retrying passwords since the one that got me in did not work at several previous occasions due to humans working on the box ;-)

    Dltd

  • can someone pm me. I have usernames and have read up on the 2 ports I have open. tried to enumerate shares and can't find any. really stuck now

  • This box is not tough, but it takes time to get the initial foothold and need lot of reset if you or someone else do something wrong when trying to get root. PM me if you need more hints.

  • @RLFP said:
    Pretty much my approach...
    youtu.be/v_3ks7-OjGc
    youtu.be/234u2ZV8HNY
    youtu.be/mLm_3K2YImc
    youtu.be/HklWMqA9oVA
    youtu.be/e3-5YC_oHjE
    youtu.be/fhzm-sZNjsg
    youtu.be/BxBfQLHykfI

    This was fucking hilarious.

    OSCP | TMHC CTF

  • any hint how i will get the password for the second user sa**y

    Arrexel
    OSCP | I'm not a rapper

  • This box was not at all what I expected.. not terribly hard looking back at it now, but a good challenge based on fundamentals. Kudos to @Agent22

    Hack The Box

  • @RLFP said:
    Pretty much my approach...
    youtu.be/v_3ks7-OjGc
    youtu.be/234u2ZV8HNY
    youtu.be/mLm_3K2YImc
    youtu.be/HklWMqA9oVA
    youtu.be/e3-5YC_oHjE
    youtu.be/fhzm-sZNjsg
    youtu.be/BxBfQLHykfI

    lol - nice

  • @sazouki said:
    any hint how i will get the password for the second user sa**y

    enumerate more when you are on the system with..... ;)

  • @sazouki said:
    any hint how i will get the password for the second user sa**y

    I really wish they made BACKUPs of passwords... even if they were hashes.

    OSCP | TMHC CTF

  • edited July 2018

    I've managed to get user access! However does anyone have any hints for priv esc to get root access? does it have anything to do with lx.xo.1 (if you know what i mean ;) ) ? PM me please, thanks!

    gwizwold

  • The comments have been very helpful, but I'm having privesc issues to get root.txt. I've tried every flag I can think of and some of the one's on the man page are not valid/working. Would someone kindly nudge me in the right direction?

  • I'm using a particular service to get the /root/root.txt file, but it is saying "File not Found"

  • Finally! This was a pain in my backside, but I finally got it.

  • edited July 2018

    got one account

  • edited July 2018

    got other user yessssssss

  • got root.txt now trying to root it with 2 different methode...

    Arrexel
    OSCP | I'm not a rapper

  • would appreciate some help with root. I'm new to this and not sure which service to use. PM me please

  • > @trounce1 said:
    > would appreciate some help with root. I'm new to this and not sure which service to use. PM me please

    man sudo...

    Arrexel
    OSCP | I'm not a rapper

  • who tried to crack root hash ?

    Arrexel
    OSCP | I'm not a rapper

  • @sazouki said:
    who tried to crack root hash ?

    rooted good box

    Arrexel
    OSCP | I'm not a rapper

Sign In to comment.