I have managed to get the user flag. I am now on root. I did some J****B*****K and basic unumeration. I have a feeling that the J****B*****K won't help. I did more but I can't go into details because of spoiler.
I am stuck and I won't give up. Can some send me PM with a small hint?
Hey everyone looking for a nudge in the right direction re: initial foothold. I know whats happening, know what Im supposed to do, think my php just needs a little tweak. PM if you're willing to give me a small hint
Anyone got any ideas? Been playing with RESTClient to try read directories or files using f******d.php and d*****d.php but its returning false on whatever I throw at it. Any ideas? The background image requires a passphrase to extract st***** data from it.
Im suck and not sure what is wrong. I got the m****** file and put it though sed to strip out everything bad, but then I try to ssh n****[email protected] and I am getting "Permissions 0644 for '********.key' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored."
Can anyone give me a hint as to where I have gone wrong?
@Makarios said:
Im suck and not sure what is wrong. I got the m****** file and put it though sed to strip out everything bad, but then I try to ssh n****[email protected] and I am getting "Permissions 0644 for '********.key' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored."
Can anyone give me a hint as to where I have gone wrong?
That error tells you exactly what the issue is, just chmod to the right perms
@Makarios said:
Im suck and not sure what is wrong. I got the m****** file and put it though sed to strip out everything bad, but then I try to ssh n****[email protected] and I am getting "Permissions 0644 for '********.key' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored."
Can anyone give me a hint as to where I have gone wrong?
That error tells you exactly what the issue is, just chmod to the right perms
I did try to chmod 777 it, but It comes up with the same resluts. Only difference is it says "Permissions 0777" instead of "Permissions 0644"
@Makarios said:
Im suck and not sure what is wrong. I got the m****** file and put it though sed to strip out everything bad, but then I try to ssh n****[email protected] and I am getting "Permissions 0644 for '********.key' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored."
Can anyone give me a hint as to where I have gone wrong?
That error tells you exactly what the issue is, just chmod to the right perms
I did try to chmod 777 it, but It comes up with the same resluts. Only difference is it says "Permissions 0777" instead of "Permissions 0644"
@Makarios said:
Im suck and not sure what is wrong. I got the m****** file and put it though sed to strip out everything bad, but then I try to ssh n****[email protected] and I am getting "Permissions 0644 for '********.key' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored."
Can anyone give me a hint as to where I have gone wrong?
That error tells you exactly what the issue is, just chmod to the right perms
I did try to chmod 777 it, but It comes up with the same resluts. Only difference is it says "Permissions 0777" instead of "Permissions 0644"
It's telling you that the key file shouldn't be accessible to others, 777 gives it more perms
@Makarios said:
Im suck and not sure what is wrong. I got the m****** file and put it though sed to strip out everything bad, but then I try to ssh n****[email protected] and I am getting "Permissions 0644 for '********.key' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored."
Can anyone give me a hint as to where I have gone wrong?
That error tells you exactly what the issue is, just chmod to the right perms
I did try to chmod 777 it, but It comes up with the same resluts. Only difference is it says "Permissions 0777" instead of "Permissions 0644"
It's telling you that the key file shouldn't be accessible to others, 777 gives it more perms
yeah, i got it now. Its late and im idiot. i went the wrong way, thank you for your help
@Makarios said:
Im suck and not sure what is wrong. I got the m****** file and put it though sed to strip out everything bad, but then I try to ssh n****[email protected] and I am getting "Permissions 0644 for '********.key' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored."
Can anyone give me a hint as to where I have gone wrong?
That error tells you exactly what the issue is, just chmod to the right perms
I did try to chmod 777 it, but It comes up with the same resluts. Only difference is it says "Permissions 0777" instead of "Permissions 0644"
It's telling you that the key file shouldn't be accessible to others, 777 gives it more perms
yeah, i got it now. Its late and im idiot. i went the wrong way, thank you for your help
I'm in the last step of priv esc, my exploit don't work for some details, i need to ask few questions to someone who succeed to read root.txt (I don't want to spoil)
EDIT: Nevermind i was just looking for a complicated way, rooted
Thanks to all information in this thread !
Rooted. All the methods used are really simple, though in the privesc i required some hints in order to proceed also a google search proved to be useful , and root was about a matter of seconds, a very well made box, kudos !!
hi there, i am new and in need of a hint....been stuck on simple dir......tra..... techniques and i think i am overlooking something or have a string/command error and cant figure it out?! anyone wants to give me a clue via PM ? i have a feeling that i am on the right path but hitting a wall for now.... ps.: i am able to read/write lists, add data to them, see the html/localhost folder, but not able to access them...also tried different URI decodings etc...i am pretty new on website attacks as well thx alot!!
@dReadB0t138 said:
hi there, i am new and in need of a hint....been stuck on simple dir......tra..... techniques and i think i am overlooking something or have a string/command error and cant figure it out?! anyone wants to give me a clue via PM ? i have a feeling that i am on the right path but hitting a wall for now.... ps.: i am able to read/write lists, add data to them, see the html/localhost folder, but not able to access them...also tried different URI decodings etc...i am pretty new on website attacks as well thx alot!!
have you tried reading the php files using the other php file?
hint: it's not about decoding. it's about repeating something...
Comments
I have managed to get the user flag. I am now on root. I did some J****B*****K and basic unumeration. I have a feeling that the J****B*****K won't help. I did more but I can't go into details because of spoiler.
I am stuck and I won't give up. Can some send me PM with a small hint?
Hey everyone looking for a nudge in the right direction re: initial foothold. I know whats happening, know what Im supposed to do, think my php just needs a little tweak. PM if you're willing to give me a small hint
This one is driving me mad to get the foothold
Check what you initially find out about the box there's something that will gain your initial foothold in the box if you need help PM me
Anyone got any ideas? Been playing with RESTClient to try read directories or files using f******d.php and d*****d.php but its returning false on whatever I throw at it. Any ideas? The background image requires a passphrase to extract st***** data from it.
Im suck and not sure what is wrong. I got the m****** file and put it though sed to strip out everything bad, but then I try to ssh n****[email protected] and I am getting "Permissions 0644 for '********.key' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored."
Can anyone give me a hint as to where I have gone wrong?
That error tells you exactly what the issue is, just chmod to the right perms
If I help you out please send me some respect :P
I did try to chmod 777 it, but It comes up with the same resluts. Only difference is it says "Permissions 0777" instead of "Permissions 0644"
http://bfy.tw/LHwW
:bleep_bloop:
Fun times are bound to end. - Korosensei
It's telling you that the key file shouldn't be accessible to others, 777 gives it more perms
If I help you out please send me some respect :P
yeah, i got it now. Its late and im idiot. i went the wrong way, thank you for your help
Haha, no worries.
If I help you out please send me some respect :P
Finally managed to get the user.txt on n***** user. really struggling with root. Any suggestions?
blocked by the enumeration... any hint ?
I'm in the last step of priv esc, my exploit don't work for some details, i need to ask few questions to someone who succeed to read root.txt (I don't want to spoil)
EDIT: Nevermind i was just looking for a complicated way, rooted
Thanks to all information in this thread !
There's an imba file in the host. Exhaust all means to enumerate.
Write-ups of retired machines
Rooted. All the methods used are really simple, though in the privesc i required some hints in order to proceed also a google search proved to be useful , and root was about a matter of seconds, a very well made box, kudos !!
Stuck on root... I've broken out of the rbash using r**d but am not finding a way to read root. Could someone PM me a hint..?
Thanks in advance
Learnt something new in the PrivEsc - uncertain as to whether I enjoyed it, but I certainly learnt something new and important.
Got user and root after a few days of playing with the box and a lot of trial and error. A great learning exercise. On to the next box.
hi there, i am new and in need of a hint....been stuck on simple dir......tra..... techniques and i think i am overlooking something or have a string/command error and cant figure it out?! anyone wants to give me a clue via PM ? i have a feeling that i am on the right path but hitting a wall for now.... ps.: i am able to read/write lists, add data to them, see the html/localhost folder, but not able to access them...also tried different URI decodings etc...i am pretty new on website attacks as well
thx alot!!
have you tried reading the php files using the other php file?
hint: it's not about decoding.
it's about repeating something...
Fun times are bound to end. - Korosensei
g0t r00t...
drop me a message If you need help
had to edit the file manually.
can anyone pm me for priv esc hints
Thank you
for someone struggling with user - let's say '12123434' escaped from '1234' will look like '1234'
Can someone PM me with a hint for PHP? I thought I was doing it right, but I can't get it working.
Thanks
Finaly got root flag for waldo. Interested way to do privilege escalation. I learned alot of this box.
Got root flag. Thanks to @marvin7408 for the hint to get me over the finish line. PM me if you need hints.
Discord: AzAxIaL#8633
Write-up en español:
https://medium.com/@pdelteil/como-resolver-waldo-hackthebox-7bb57d4e9dbb