Poison

Can someone give me a hint?
found secret in .zip file figured out what to do but i cant use it in the given service

check what services running

Finally got root, special thanks to @lahirukkk for all the help! User was so easy, root was surprisingly hard until I realized I was running the commands in the wrong place!

@n0bf said:
Finally got root, special thanks to @retr090 for all the help! User was so easy, root was surprisingly hard until I realized I was running the commands in the wrong place!

congratz mate!!!

Can someone please PM me and help with my vnc syntax?

After 4 days trying to break priv escilation, i got my first root in HTB. Big thanks to @ashishjv1 for the very valuable tips

@Shado7836 said:
After 4 days trying to break priv escilation, i got my first root in HTB. Big thanks to @ashishjv1 for the very valuable tips

:slight_smile:

Guys, when you own a user, dont change the password. i had to reset to get the user password working.

Ok I think I need some help with root.

I have written up a three step plan on how to get root, and I dont see why it isnt working.

  1. Start the server of the service in question on my local machine. Set it to be :1

  2. Create tube to securely transmit information through from localhost to poison, collecting from the port that :1 will be transmitting on on my machine to the same port on poison.

  3. Connect to the service running on localhost:1

  4. Sit and watch as the terminal cursor blinks at me and nothing happens. It does not ask me for a password like it does if I connect to localhost:2 (which is NOT being pumped out the tunnel fyi)

What am I missing here?

Also on the file from the zip; I can see it is a passwd file for a special service, but does it go on my machine, or on poison?

r00ted. Again a tough fight, but learned a lot. Thanks for the box :slight_smile:

Can someone help me with root? I already unzipped the secret file and I think I also found the right command to use it with. But I always get “Authentication failed”. Can someone send me a pm?

Edit: Finally rooted it :slight_smile:

I think I’m on the last step and have a couple clarifications / questions if I could PM someone.

EDIT Was able to get root. If anyone needs a nudge feel free to message me.

Spoiler Removed - Arrexel

So close, can I PM somebody for hints on v*******r? I can connect but whoami is just the unpriv user.

got user access and also learned a lot about service running to get root access but through that service also I am getting user access and not root access.please PM …

Hi, I am struggling with the step after the user.txt and secret. Need some kind soul to help me on the tunneling… Anyone can DM me please?

Edit: Guys, rooted, DM for Hints

ok. Im at that ‘grey screen’ ive seen mentioned. Fix the display settings and im there… Right?
This has been a fun box. Learning loads.

Okey guys, solved it, PM for hints.

Can i have a hint about how to fix the ‘grey screen’ ?

@joe0x5a said:
ok. Im at that ‘grey screen’ ive seen mentioned. Fix the display settings and im there… Right?
This has been a fun box. Learning loads.

If you look at the running processes, there are likely a few instances of that running. Be concerned about the one running on root and how you ‘get’ to that one.