Hawk

11213141618

Comments

  • edited November 2018

    @PercyJackson35 said:
    I can't see to find where to start a foothold.. anyone want to point me in the right direction? And is the messages directory via ftp supposed to not have anything in it?

    Spoiler Removed - Arrexel

  • Can anyone give me a nudge for user? I have enumerated through the open services, decrypted, but i have no idea where to find username. Do i need to enumerate / brute force for username or is it more obvious?

    Thanks

    gwizwold

  • Need Help on "D*****" password. Searched for it in all the relevant files but no luck yet. Any hint on this please?

  • wow, from all the comments of people with pro hacker and guru status. This isn't that easy of box huh?

    Huejash0le

  • edited October 2018

    Do I need the password for the user on 8082? I'm stuck at the privesc. I got logged in as D***** on ssh..

    EDIT: Got root now :)

    Hack The Box

  • can't get a shell for 5 minutes, keeps being reset >.<

  • edited October 2018

    I could really use some hints for the enc file. Any help is useful. Feel free to PM me.

    Edit: got user.txt, now for privesc...

  • hints on getting ssh passwd 4 user d***l
    <img src="https://www.hackthebox.eu/badge/image/26824" alt="Hack The Box">
  • for the user initial information stage, you have a good friend in google called "Ew Skuzzy"

  • who else got this error? Wrong user name or password [280-196] 280/28**0 (Help)

  • this box was easy. if you guys need help PM me on the main site and not the forum

    drywaterv2

  • @agnarus said:
    who else got this error? Wrong user name or password [280-196] 280/28**0 (Help)

    i do not know the reason but this was not the wat to get the PE.for PE, poison+exploitDB will help you.

  • edited October 2018

    Got user, onto root!

    edit: rooted, what a fun box!

    avoidy

  • Rooted months ago, searching for alternative ways of rooting, please pm me if you'd like to discuss about it

    TheInnocent

    "I recognize, Mr. Reese, that there's a disparity between how much I know about you and how much you know about me. I know you'll be trying to close that gap as quickly as possible. But I should tell you... I'm a really private person."

  • I now logged in as user "D*****", did the P*** F****** and then tried to use the credentials found but it says wrong username/password. Badly stuck at this point from so long. Any hint on how to proceed further please?

  • Great box! I learned some things about my ftp client (I thought it was better than it actually is) and the privesc was really cool :)


    image
                         HTB Profile


  • I am trying to decrypt but the tool I am using is saying ".enc is not a salted xxxxxfile."

    ????

  • ok I was able to get root ... but now I am stuck in the console shell without any possibility to get root.txt ... nudge me via pm please ! this is driving me nuts :-1: nice box by the way

  • How to decrypt the file... help please
  • edited November 2018

    << redacted >>

  • edited November 2018

    Can anyone give me a nudge on this box? Got user and I am stuck now. Thank you.

    Edit: Rooted. Another interesting machine.

  • rooted, really fun box! thanks @mrh4sh . Feel free to pm me if needed :-)

  • Rooted, finally! Good box.

  • Just rooted it, finally. Awesome box. Thanks :)

  • edited November 2018

    I think I've kind of done this box backwards, but at any rate, can someone tell me what the hell the secret to the p21 is? I just see messages with what appears to be nothing in it. But we all know this is not possible!

    I've enumerated the hell out of the box and looked at some configs, browsed over the h20 port, got some ssh usernames, etc. I guess I wanna do the box right and get this enc file from FTP.

    Edit: Learn a new FTP command everyday :)

    Thanks!

    publicist

  • edited November 2018

    nvm

  • edited November 2018

    Got root.
    People here are mentioning that they got access to d****l, which I never got, before getting root. I'd like to discuss about your approaches and methods! Feel free to PM and educate me :)

    sanre

  • edited November 2018

    Helloo, I'm stuck in the privesc I can't find that file with the password of d*****, I'm looking where the cms store the conf settings, but I didn't see anything, I thought that is .P** file but I'm not sure. Any hint of where should I search?, or any keyword to use grep.

  • > @w0xter said:
    > Helloo, I'm stuck in the privesc I can't find that file with the password of d*****, I'm looking where the cms store the conf settings, but I didn't see anything, I thought that is .P** file but I'm not sure. Any hint of where should I search?, or any keyword to use grep.

    Perhaps you are looking at the wrong settings. A Google search will tell you the exact location for the file you are seeking
  • @securityNinja said:
    > @w0xter said:
    > Helloo, I'm stuck in the privesc I can't find that file with the password of d*****, I'm looking where the cms store the conf settings, but I didn't see anything, I thought that is .P** file but I'm not sure. Any hint of where should I search?, or any keyword to use grep.

    Perhaps you are looking at the wrong settings. A Google search will tell you the exact location for the file you are seeking

    I'm looking inside v/w/h***/, is these dir wrong???

Sign In to comment.