Mischief after patch

edited July 2018 in Machines

Can someone who own mischief after patch help a little with priv esc

«1

Comments

  • Same here. Has anyone done it? I can't seem to find any way to priv esc.

    Asairo

  • Nope, the only thing that i found vulnerable is now patch ...
    I'm not even sure why this specific service is here if it's not to exploit it :/

    HomardBoy

  • @HomardBoy said:
    Nope, the only thing that i found vulnerable is now patch ...
    I'm not even sure why this specific service is here if it's not to exploit it :/

    I found the way. I think it's good to put yourself in the shoes of the creator and think about the possible pranks he could do.

    Asairo

  • Any chance of narrowing that down? There's a lot of mishchief that can be pulled on a linux system if you're trying to prank users. ;-)

  • Asairo said it pretty well actually. At EVERY turn, think about how someone could make this (whatever) not how you think it is, but some crazy or stupid way. Hackers tend to overthink things. Remember not to assume!! Look at everything carefully.

    Hack The Box

  • edited July 2018

    I have two sets of creds but not sure where I need to go now. So many rabbit holes yet so rewarding

  • @blackhood i have been trying for 2 that priv esc today is 3rd day

  • I'm a bit frustrated, but i still hope

  • @blackhood said:
    Asairo said it pretty well actually. At EVERY turn, think about how someone could make this (whatever) not how you think it is, but some crazy or stupid way. Hackers tend to overthink things. Remember not to assume!! Look at everything carefully.

    Thanks for the help... got it:D

  • So after 4-5 hours of thinking I can't pass the second login page. I have 2 creds none of them work for second login page. I tried all sorts of word mangling,used john the ripper's word mangling feature(also rsmangler's). Tried brute forcing but didn't work. Tried reading snmp output but nothing more interesting. Scanned all TCP/UDP ports. Tried SQLi. Can't think of any other way. One little hint will be appreciated. I even thought that this box is somehow related to "Thor" movie. But can't find a connection.

    Higgsx
    OSCP | GCIH

  • Don't assume. Don't forget who's trying to trick you. Try to keep him out of your mix. Use what you find, but don't assume you already know how to use it. Presume everything comes with a trick to it. The god of trickery would never give you anything without one. Also, there's a pattern to the box. Try to pick up on it as you go. It helps to get into the mind of the trickster(0). I can only reword these hints so many ways, but I hope this helps you guys.

    Hack The Box

  • @x4nt0n start over from when you logged in as user. Then search the system carefully. Pay VERY close attention and assume NOTHING. That's the best advice I can give guys. I hope that answers all the people that inboxed me, lol. Those are way too many to reply to one by one.

    Hack The Box

  • So has anyone been able to root mischief post-patch? I've been stuck on this thing for about a week now with absolutely zero luck.
  • SpZSpZ
    edited July 2018

    Rooted it, great box! :D

  • edited July 2018

    root is fucking annoying. cant get the way in. kindly PM me for right direction. struggling a lot! x(

    pzylence
    OSCP

  • I found some trickery with commonly used escalation commands, but I'm not quite sure where to go from there.

  • Anybody got any tips of us living in third-world network infra? :(

    izzie

  • wait a Second when did mischief got patched. mm ill try again then! if so.

    Arrexel
    OSCP | OSCE half way!

  • 123123
    edited August 2018

    Rooted.

    As others have said, don't think about complex solutions, the way is actually really simple.

    This machine is about not trusting our own brains. Sometimes we use the information we already have to come to the conclusions that makes the most sense. Almost all the times this means that there is always some data that its right in front of our eyes, and yet we don't see it. In cases like these its much better not to assume anything and simply look and process every bit of data available to us (easier said than done).

    Really cool box, waiting for more @trickster0!

  • Anyone willing to PM me a nudge on privesc? I'm at a loss. Tried using a particular file to get creds to a particular service, but I have a feeling that's a rabbit hole. Other than that, though, I'm lost :(

  • hi guys - i am loggedi in as root but can see the root flag
    hint pls

    masuse

  • nvm.. got the flag
    what a painful ride

    masuse

  • getfacl will solve some mystery... which command? the one that you want to use with a password but somehow can't use.

    wilsonnkwanl

  • @wilsonnkwan said:
    getfacl will solve some mystery... which command? the one that you want to use with a password but somehow can't use.

    step down to stage 1 is the answer! :)

    masuse

  • Finally rooted! It was tiring but it was worth it.

    SymR

  • edited August 2018

    Would anyone be willing to give me a nudge on privilege escalation? I'm not really noticing/finding anything, but, admittedly, my enumeration game is a little weak. Just looking for tips, really.

    opt1kz
    https://i.imgur.com/4jXzPqJ.png
    404 Friend Not Found

  • @opt1kz said:
    Would anyone be willing to give me a nudge on privilege escalation? I'm not really noticing/finding anything, but, admittedly, my enumeration game is a little weak. Just looking for tips, really.

    Pay attention! He is very deceitful!

  • funny box i got the root

    Raouf09

  • can anybody pm me about priv esc?

    kiriknik

Sign In to comment.