Nibbles

Any hints for priv esc ? I’m stuck… I know the file .sh, but don’t know what I have to do… pm me

After days of trying, last night I ‘guessed’ the creds and got in. Finding the vuln was easy, I got a low priv shell but then it was midnight here and I was tired. No prob, let’s resume tomorrow - so I thought.
Of course, now I can’t get back in - I guess my guess was what someone changed the creds to. BAD, BAD HACKERS! When people do this, none of the suggestions matter (I read the whole thread) - you are literally shooting blind if people change the creds after logging in (I can understand WHY they do it, but it’s still wrong).
I am so sick & tired of this box, ready to move on. If anyone is willing to share the creds (I can prove I got a shell yesterday, by providing both my reverse shell code and a screenshot of my netcat connection), please PM me.

Need a bit of help please. I’ve got the username and password for the admin page and I’m guessing what I need to do now is run the exploit in Metasploit? Trying to do this but I just get the error “Exploit aborted due to failure: unknown: Unable to upload payload.” All settings for the exploit look correct to me, so not sure what this error means.

@theboytony said:
Need a bit of help please. I’ve got the username and password for the admin page and I’m guessing what I need to do now is run the exploit in Metasploit? Trying to do this but I just get the error “Exploit aborted due to failure: unknown: Unable to upload payload.” All settings for the exploit look correct to me, so not sure what this error means.

No matter, I’ve completed it now, had to modify the exploit file…

@homdreen said:
Any hints for priv esc ? I’m stuck… I know the file .sh, but don’t know what I have to do… pm me

Nvm, already got root… XD
If anyone wants hints, send me pm… :slight_smile:

I’ve found the login page but I’m at a loss for the login creds. I’m new so the “default” hints aren’t helping much. Any help would be greatly appreciated!

@Ch1R0h said:
I’ve found the login page but I’m at a loss for the login creds. I’m new so the “default” hints aren’t helping much. Any help would be greatly appreciated!

You can find the username somewhere on the box, and the password is a default one. I know it’s not what you’d expect, but it is!
I can only say that if you read the previous posts, there is a big hint (almost the answer) for the password :slight_smile:

PM me if you still have trouble with this!

Just wanted to say thanks to all of you for your insight and helpful commentary. Just rooted my first box and I appreciate every one of you for helping with that. I’m looking forward to starting on the next one!

Well… that was easy!

Owned the user but I am unable to get the root… any hints…?

I feel like I’m a step away from getting the root.txt, but I’m just missing a crucial step with the *****.sh file.

Can someone PM me?

I found the login page and the username, but I cannot get the password. Give me a hint, thank you!

I have been struggling to “guess” the username/password in admin login form with no result. I think I have the correct username (written also in a file) but I am not really into the “Try Harder” joke. Could anyone help?

@htbfk said:
I have been struggling to “guess” the username/password in admin login form with no result. I think I have the correct username (written also in a file) but I am not really into the “Try Harder” joke. Could anyone help?

think real simple. really really simple

It seems that I am the biggest noob, since I cannot find even the login page. So far, I managed to find the “hidden” site, and also find the “hidden” folders like: boot. I even found a folder with a file named login, but I cannot execute it. I can only see its code. I even tried to execute it through the index.php, but this didn’t help me either. If someone can give a hint it would be great, because I am one step before quitting.

“Nibbleblog security error - Blacklist protection” I haven’t bruted it but looks like brute protection… I read from these posts that the user/pass is simple to guess but can’t get hold of it! Anyone to PM a direction?

@Revolution said:
It seems that I am the biggest noob, since I cannot find even the login page. So far, I managed to find the “hidden” site, and also find the “hidden” folders like: boot. I even found a folder with a file named login, but I cannot execute it. I can only see its code. I even tried to execute it through the index.php, but this didn’t help me either. If someone can give a hint it would be great, because I am one step before quitting.

Make it simple! I just logged in to admin

New to HTB, and this was my first box… Thx

@Revolution said:
It seems that I am the biggest noob, since I cannot find even the login page. So far, I managed to find the “hidden” site, and also find the “hidden” folders like: boot. I even found a folder with a file named login, but I cannot execute it. I can only see its code. I even tried to execute it through the index.php, but this didn’t help me either. If someone can give a hint it would be great, because I am one step before quitting.

You’re on the wrong path

@shane2483 said:
So I cannot spawn a TTY shell and keep getting errors when I run the sudo command.
I have tried every spawning method on several sites.

When I try to spawn a TTY:

can’t access TTY job control turned off

When I run sudo: (I assume because I don’t have TTY)

: unable to resolve host Nibbles: Connection timed out
: no tty present and no askpass program specified

I’m at the very end. Going on my third day and just can’t get this .sh file to play nicely.

I’m stuck on this exact step too