Poison

I just woke up and about to try and Tackle this again, if I figure out anything I’ll hit you up in a DM

3 hours with nothing - how to do this -_-

its hard so much i just find the encode file with 13 times

and i can’t do anything about it

i tried ssh with it but nothing its says public key -_-

i hope i got any hint from you guys ^.^ help me to go out of noobs area

If it is encoded x amount of times then you need to decode it amount of times… Figure out the encoding and it should be simple

@ashishjv1 said:
Hey ! I’m stuck at this same place . I have been using the vv*wer via option without any luck.

If you find the answer let me know , maybe a push in the right direction

Hi, I am trying to do the impossible_password but when extracting the .zip file to a .bin when extracting the .bin it turns into .bin.cpgz opening that turns it back into a .bin.

I’m using MacOSX archiver utility and downloaded The Unarchiver with no luck. Any help is much appreciated

@3s073r1k said:
@ashishjv1 said:
Hey ! I’m stuck at this same place . I have been using the vv*wer via option without any luck.

If you find the answer let me know , maybe a push in the right direction

Hey ! I got root . I can say that you are in the right direction ! Just keep Going ! If you need more help PM me.
:slight_smile: :slight_smile:

And Thanks to @felli0t @Monkey23 for all the help !

Hey all, can someone PM me a hint for priv escalation PLEASE. I got on the box, extracted the secret, have an idea of which service to use it with but not sure how to use it. Been on this for 2 days now and its driving me crazy!

any hint to find the user name? i have that pwdbackup.txt , still working on to decode it.

got the service …but dont know how to use it …decoded the secret pasword .

Finally got root on this after a LOT of reading and perseverance. Great box. Happy with my first root on HTB!

@madbro said:
having an "event not found " while unzipping!! any idea?
using unzip -p password zipfile.zip syntax
please help

I had the same problem, solved it with a very rough solution of running python -m SimpleHTTPServer to pull it down and then push the extracted file back up, along with wget

I still haven’t been able to read the contents of the file inside ***.zip, I think that’s the last thing I need to get root on this box, so if anyone wants to give me a hint on that, that would be awesome.

@MAX3D said:
3 hours with nothing - how to do this -_-

its hard so much i just find the encode file with 13 times

and i can’t do anything about it

i tried ssh with it but nothing its says public key -_-

i hope i got any hint from you guys ^.^ help me to go out of noobs area

Once it’s decoded enough (you’ll know when you get there) and you have a username, look at what ports are open. You’ll see how to connect then. That will help you get user, don’t ask me about root, I’m so close but haven’t quite gotten there yet on root myself.

@GinoKun said:
Can someone pm me the tips? currently stuck after extracting the .zip and don’t know what to do

I pulled the zip down to my machine to extract it (python simplehttpserver and wget) but I can’t help you with reading the file inside it, stuck there myself.

i can’t do scp to poison, it gets stuck at 100% and doesn’t complete. any ideas ?

Can someone give me a hint?
found secret in .zip file figured out what to do but i cant use it in the given service

check what services running

Finally got root, special thanks to @lahirukkk for all the help! User was so easy, root was surprisingly hard until I realized I was running the commands in the wrong place!

@n0bf said:
Finally got root, special thanks to @retr090 for all the help! User was so easy, root was surprisingly hard until I realized I was running the commands in the wrong place!

congratz mate!!!

Can someone please PM me and help with my vnc syntax?

After 4 days trying to break priv escilation, i got my first root in HTB. Big thanks to @ashishjv1 for the very valuable tips