Bounty


Comments

  • edited August 2018

    finally user and a stable shell (if people don't reboot the server).. now to priv esc??

  • Rooted today. Fun ride and lessons learnt on this one. Be aware of architecture!

    War4uthor

  • Rooted after one month. And the reason for that is simply lack of knowledge and experience.
    So if you cannot get user/root - try harder and learn more. Take a break (I did four or five different boxes meanwhile).
    Read the tutorials for exploiting Windows; in the end you find out that this box is not rocket science.

    BTW I can see on the "Page info" of the web this:
    Have I visited this website prior to today? Yes, 1 491 times ;)

    So be patient and GL, I go for beer...or three:)

  • @AgentTiro said:
    If you think you have RCE, how about pinging yourself and watching for the traffic with wireshark?

    yeah was able to ping myself.. got something wrong with the coding and ended up getting the text to display. Got user! Working on RCE now...

    Hack The Box

  • Got a wShell to do RCE with, but cannot find user for the life of me, have gone up and down all these directories. Can anyone give me a tip?

    cr4nk

  • Need some advice getting initial foothold. Think I have the URL but not sure.. Please PM me.

  • Can somebody PM me with some help on the parameters for RCE? I've got the right file extension and am uploading what I assume to be the right file but keep getting 500 errors.

  • got root!

  • PM if needed

  • also finally got root.. pm if you need a nudge. this box was verrrrry touchy with the commands.. things would just stop working if I missed a single quote, etc.

    Hack The Box

  • edited August 2018

    Spoiler Removed - Arrexel

    wilsonnkwanl

  • I cannot even get a user on this. I already have wasted 5 days, and I have not gotten the user flag yet. Reading the posts from this topic, I understand that I have to find a secret page that will help me upload my payload. I tried with wfuzz and dirbuster all the wordlists regarding asp.net that I could find, but so far I could not get access. Any hint?

    Revolution

  • I know where it goes but I'm not sure how to build it and then trigger it. I've read all these posts and I've tried different arch but I think I'm too n00b to understand. Anyone willing to PM about building and then triggering? I would appreciate it!

  • I have created payload and can successfully browse through the website, but where the hell is user.txt?

    Razzty

  • edited August 2018

    Hello,
    Guys could you pls give me a hint.
    I ran dirb, nikto and gobuster with different wordlists (common.txt, big.txt, something.medium.txt). Have found two directories to which I do not have access "Forbidden". Would appreciate a hint.

  • I keep getting internal error 500. Tried a lot of combinations, nothing worked. Please help

  • The box seems so unstable, getting different responses all the time... Is this correct?

    WillIWas

  • @WillIWas said:
    The box seems so unstable, getting different responses all the time... Is this correct?

    yea that box can seem unstable at times and a bit temperamental. do you have any shell access etc?

  • @mizzion said:

    @WillIWas said:
    The box seems so unstable, getting different responses all the time... Is this correct?

    yea that box can seem unstable at times and a bit temperamental. do you have any shell access etc?

    No, I just started, found some gui, but it disappeared and I can't get it back

    WillIWas

  • Messed up my dirb search as well... annoying

    WillIWas

  • @WillIWas said:
    Messed up my dirb search as well... annoying

    if you read all the posts on this thread you will work out what scans to run for a successful recon phase which will lead to your foothold

  • @mizzion said:

    @WillIWas said:
    Messed up my dirb search as well... annoying

    if you read all the posts on this thread you will work out what scans to run for a successful recon phase which will lead to your foothold

    Well, I'll go read then, thx

    WillIWas

  • @Razzty said:
    I have created payload and can successfully browse through the website, but where the hell is user.txt?

    You can't see the air but...

  • @sodomak said:

    @Razzty said:
    I have created payload and can successfully browse through the website, but where the hell is user.txt?

    You can't see the air but...

    Yeah, you're right :) Now I'm on priv esc, since I got user shell. Any hints?

    Razzty

  • Bounty is wildly unstable - same file that worked four hours ago, from the same computer, now throws a 404. Makes no sense.

  • Not even trying RCE - just trying to view text.

  • after much work and many dead ends i finally got system on this box. the box's instability definitely threw me off at both the user and system stage. it was good fun though and i learned a lot in the process.

  • tried many extensions, almost every language i can think of! this is nasty!

    masuse

  • edited August 2018

    Edit: nevermind, I'm dumb xD

  • finally got root, if someone needs help, just PM me...

    Ozunu
