Hint for Sunday

11415161820

Comments

  • Finally got user and root.

    Tbh this machine is not that hard but people keep messing with the machine constantly, so the process was really slow and painful.

    dionero

  • wget is not just for download, sometimes you can use it for upload with help of post method .

  • edited September 2018

    can i use rockyou to get through ssh?

    nevermind, got it!

  • which word-lists did u use to crack the root's password?

  • Any hint for privesc? i try many vectors...

  • Just rooted the box. It was fun and learned alot the simple things.

    For priv esc just read the above comments .

  • After 1 hour I got the hash, now spending 2 hours just because people are messing with the box. Every time i log in the hash is either different or missing. At this rate cracking with hashcat is also impossible. Please PM me i need some help.

  • @Takao said:

    @Planetxort said:
    For people who are complaining about finding only two ports...try harder.
    For people complaining about not finding where the user.txt is, think about how you can find the correct directory.
    For people complaining about priv esc..realize there are other ways about going about it.
    For people stuck on obtaining root, think about how you can enumerate further with that privileged user.

    Finally got user & root

    In getting root, w**t is the program that will help me?

    I didn't use a program

  • To all the people complaining about the nmap taking too long. Try redefining your parameters. For this box in particular, using what I always use didn't work. If you're confused to what I mean, think about how ports work. That's all I can say without straight up giving it away.

  • @Planetxort said:
    To all the people complaining about the nmap taking too long. Try redefining your parameters. For this box in particular, using what I always use didn't work. If you're confused to what I mean, think about how ports work. That's all I can say without straight up giving it away.

    Root flag obtained... Thank you all for your help!

  • edited September 2018
    I will try harder.
  • edited September 2018

    I got into the machine as the 1st user and found the 2nd user along with the user.txt file. I ran an enumeration script to see how I could escalate privileges to read the user.txt file and the only result I get tells me that I can s*** without a p***** but it's not working as expected. I don't want to spoil anything so if someone willing to point me in the right direction could PM me I can give more details. I'm just trying to get the user flag.

  • Finally got it! This box had me banging my head against the wall for ages on the user pivot! The best hint for me was to go back to the / and just manually look it everything you see. Once you see it you wish you could get the time .back. Root was much easier, with one tool in your toolbox there's only so many [options] you need to include

  • edited September 2018

    managed to finally get the users.txt and have checked through a lot of files/directories and am at a loss for getting root, any small hints plz?

    got it!

  • been stuck for so long on trying to crack second user password someone help me

  • Stuck with privesc .. I have ideas on what to do but still couldn't make it! any one to help ?

  • Finally got both the flags. Pm for any hints if needed !

    Draco123

  • Finally got the root flag. Many thanks to the creator of this box!!!! Really funny box! I learned a lot!

    Hack The Box

    Ozunu

  • edited September 2018
    If you see my profile, i got root for sunday. But, while i was enumerating, some user created a file , i did read it and i got a gift root key!!! Can someone help me in order to find the right path by pm?
  • I got root.txt but I wasn't able to crack root for a certain file, is it supposed to be possible? With what wordlist? If anyone would like to give me a tip for this in private that would be great.

  • Rooted ! Nice box btw, just annoying when people crash the box, ppl, a bomb its not necessary, never, :+1: Just enumerate ;)
    Any hint, just ask :D !
    cheers!

  • This one was a mssion but finally rooted!!

  • Im thinking about if the high port number is a "sunset" ?
    If that's correct, rolf, +1 to creator haha !

  • edited September 2018

    so is it possible to actually obtain the password i need for initial access or am i stuck with wither brute forcing against my users list or simply trying to guess.???

    feeling pretty stuck, my BF attempt doe'st look like its a viable method, been running a while

  • Has anyone got a hint for root.txt? I know I should use w**t and tried several things which didn't result in anything yet.... PM would be nice

    center

  • Hi, could someone help me with a hint regarding the second user. I guessed the first user pass and I am in and found a hash, but I am not sure if cracking it is the right way. Thx

  • Who is changing passwords, that too in 40 seconds of reset -_-

  • edited September 2018

    @nitinrkz said:
    Who is changing passwords, that too in 40 seconds of reset -_-

    The box is very unstable. People changing its configuration.

  • But 40sec is insane, and now i am not able to reset it nor login

  • edited September 2018

    Got first user ssh, found text ..got second user hash ...please PM me with a nudge on cracking the second user.

    Hack The Box

Sign In to comment.