Poison

1121315171823

Comments

  • @DrChud said:
    1. How does one unzip the file on the machine? I don't see an option for adding a password for unzip

    1. If it can't be unzipped on the machine how does one download the file? I tried scp but keep getting permission denied

    Any hints?

    1. "-P"
    2. scp works.
      :-)
  • @xdaem00n and @resiliencia90

    Thanks for the tips. +1 respect to both of you

  • @BlackArrow said:
    I need some help.........found usernames and decoded the code, ssh does not work that decoded password..........Dont know what to do..........somebody help......

    Think about what services are running on the system. Think about the creator. That's how I got user, can't help you with root though.

  • edited July 2018

    unzipped the file. but not sure how to get forward

  • @iammainul said:
    unzipped the file. but not sure how to get forward

    Here's a couple of hints for you:

    • The output of LinEnum.sh has the service you are looking for. Look for something that you may not expect to find on a non-GUI system.
    • Not every port is open for the world to see. Can you find a way to access those ports from your kali box?

    Good luck.

  • @opanwar said:

    @iammainul said:
    unzipped the file. but not sure how to get forward

    Here's a couple of hints for you:

    • The output of LinEnum.sh has the service you are looking for. Look for something that you may not expect to find on a non-GUI system.
    • Not every port is open for the world to see. Can you find a way to access those ports from your kali box?

    Good luck.

    can I PM you?

  • @iammainul said:

    @opanwar said:

    @iammainul said:
    unzipped the file. but not sure how to get forward

    Here's a couple of hints for you:

    • The output of LinEnum.sh has the service you are looking for. Look for something that you may not expect to find on a non-GUI system.
    • Not every port is open for the world to see. Can you find a way to access those ports from your kali box?

    Good luck.

    can I PM you?

    Sure PM away.

  • edited July 2018

    Hi

    I am getting a grey/white screen with some weird buttons when trying to get root.

    What parameters should i add? I was thinking about -geometry but that doesn't fix anything?
    EDIT: nevermind, Spoiler Removed - Arrexel

    Just rooted, pm me if you have questions! Thanks for everybody who helped me!

  • edited July 2018

    @JohnVanBoxtel said:
    Hi

    I am getting a grey/white screen with some weird buttons when trying to get root.

    What parameters should i add? I was thinking about -geometry but that doesn't fix anything?
    EDIT: nevermind, Spoiler Removed - Arrexel

    Just rooted, pm me if you have questions! Thanks for everybody who helped me!

    Well.. I guess this is more than a nudge for people who are just starting priv esc.

  • Got root.
    Learned a lot from this box. Awesome, thank you.

    If anybody needs a hint: feel free to send me a message. :-)

  • rooted, thanks

    Hack The Box
    If you appreciate my help, please give +1 respect https://www.hackthebox.eu/home/users/profile/50022

  • when nmap -v u get 2222 open which is ESET use for connection between server and agent
    tried to ./agen...sh --password= and ect but didnt work quite well
    if someone could help pls tell us

  • edited July 2018

    Spoiler Removed - Arrexel

  • Hi
    i am stuck at the grey screen , i have tried all the options
    if someone can help please PM ..

  • can someone reset poison? the service not running currently.

  • I managed to get user a while ago and decided I'd try to get root, but now I can't remember for the life of me how I did user, lol.

    I think I have an idea but the thing I'm trying is just taking way too long so maybe I'm not doing it right. Can someone PM me a hint?

  • ... so changing to my phone's wireless AP let me do the thing I wanted to do. Welp.

  • Pretty cool box. First I found the wrong way to the root flag but today I figured it all out by myself. Was little tough for me but it is ineed a cool box. Whoever needs a hint lmk in PMS

    v1ew-s0urce.flv
  • I unzipped the zip folder but am stuck on where to go next. Any hints would be greatly appreciated. Thank you in advance
  • @n0bf said:

    @BlackArrow said:
    I need some help.........found usernames and decoded the code, ssh does not work that decoded password..........Don't know what to do..........somebody help......

    Think about what services are running on the system. Think about the creator. That's how I got user, can't help you with root though.

    You said to think about the services running and the user who created. So I got that part, from other hints I got 'more enum' / 'no brute forcing' I already achieved the LFI and obtain some info .. I won't say what just in case it's a spoiler. I am sort of a newbie. I really don't want help ... but can someone point in the right direction? I've scanned 1,000 ports should I can more?

    I've run some LFI scripts to help me decode the shadow password path. I hope that wasn't a spoiler. I looked for Xploits for the service that runs on p22. .. I injected my own user request burp pro... man IF I can obtain user I'll be grateful at this point. I hate asking for help!! any pm's?

  • got gray/white screen but nothing on it.. not sure if i'm utilizing the unzipped file correctly.. any suggestions/hints?

  • @seCBios said:

    @n0bf said:

    @BlackArrow said:
    I need some help.........found usernames and decoded the code, ssh does not work that decoded password..........Don't know what to do..........somebody help......

    Think about what services are running on the system. Think about the creator. That's how I got user, can't help you with root though.

    You said to think about the services running and the user who created. So I got that part, from other hints I got 'more enum' / 'no brute forcing' I already achieved the LFI and obtain some info .. I won't say what just in case it's a spoiler. I am sort of a newbie. I really don't want help ... but can someone point in the right direction? I've scanned 1,000 ports should I can more?

    I've run some LFI scripts to help me decode the shadow password path. I hope that wasn't a spoiler. I looked for Xploits for the service that runs on p22. .. I injected my own user request burp pro... man IF I can obtain user I'll be grateful at this point. I hate asking for help!! any pm's?

    You got LFI, that's nice. Good job. You should stop overthinking this step, I know it might sound stupid because it is not possible for us humans to stop overthink. What I'm saying that it's easy at that step. Simple enumeration will get you to the right path, enum again and again. PM me if you need any hint.
    Sorry if I spoiled or anything.

    v1ew-s0urce.flv
  • may I get a hint, I already unzip the zip file and have the words in secret, also enumerated the port of service and got password but after login in this service I am still a normal user not root I need some hint

  • @Txos1 @opanwar @JohnVanBoxtel

    Thank you so much. Got Root.

  • rooted big thanks to @xdaem00n

    Arrexel
    OSCP | I'm not a rapper

  • @m1chaelsh1 said:
    may I get a hint, I already unzip the zip file and have the words in secret, also enumerated the port of service and got password but after login in this service I am still a normal user not root I need some hint

    Make sure you read up on and understand the services you are using to connect to the target machine as well as what those ports represent. The other people I've helped on this box seemed to have gotten a lot out of the following advice:

    If that service(s) was not already installed on that machine, how would you go about creating an installation? Where would it install too, create files at, and what other types of files are possible to be created to streamline the use of the service? After that, really think about how connections are made. If you are user, dump a process list and observe who is running what processes, including command line options. If you are unsure of why options are used, grep the man pages and figure out why. This should lead you to what you need to do to complete this box.

    Arrexel

  • a question how did you guys know in which port the service running,,nmap only show two ports and p s aux no port mention their

    Arrexel
    OSCP | I'm not a rapper

  • I have found a password list, but not able to decrypt it. Any suggestions on PM would be very much appreciated

  • edited July 2018

    just rooted :)

    Big thanks to @Sandshrew and @sazouki

    PM for any hints

    Thanks.

    lahirukkk

  • Finally got root. PM for hints...

    I will say that what made me take a while on this box was overthinking the scenario.

    @xdaem00n thank you for your post that said enumeration was the only thing truly necessary for user & root.

Sign In to comment.