Bounty

145791016

Comments

  • I'm stucked at priv esc. Feel free to PM to help me ;)

  • Rooted! That was a really fun initial shell! If you're struggling with privesc, take a step back and don't over complicate it! Google has the answer, enumerate more :)

  • finally got SYSTEM on this box. PM for hints

    direct2600

  • Can someone PM me regarding file upload. Don't want to put any potential spoilers here...

    Haydo

  • edited July 2018

    i'm still not able to figure out how reverse shell is achievable. i've tried multiple ways to upload files, but still not getting anything.

    Edit: nvm this box is fun! New things to learn! Thank you @mrb3n !

    pzylence
    OSCP

  • edited July 2018

    @wildkindcc said:
    Rooted! That was a really fun initial shell! If you're struggling with privesc, take a step back and don't over complicate it! Google has the answer, enumerate more :)

    I don't get the point :D
    edit: nvm, got it! :)

  • I'm pretty much beating my head against the wall here. Can someone PM me some hints. I've enumerated, tried numerous uploads and I'm out of ideas.

  • edited July 2018

    Spoiler Removed - Arrexel

    Arrexel
    OSCP | OSCE half way!

  • I have the CVE exploit uploaded and in place. I cannot figure out how to leverage it for System owning. Can anyone DM me with a hint please?

    Hack The Box
    Follow me on Twitter: @C_3PJoe

  • @laylow That part is frustrating. You only have about a 30 second window to get in before it gets overwritten. This box is best attempted in the middle of the day when people are at work.

    Hack The Box
    Follow me on Twitter: @C_3PJoe

  • edited July 2018

    @C3PJoe said:
    @laylow That part is frustrating. You only have about a 30 second window to get in before it gets overwritten. This box is best attempted in the middle of the day when people are at work.

    man i am from australia so i can only attemp when this time. problem is i get to start to work with australians any team australians around at all..

    also man you are 100% right mate.. soo frustrating i loud my files get to inside server threw the web interface i got both username but i can't get inside the folders even tho i have even changed the password for both users i dont get enough time to do it cos asson i go for some friking crushs or overs right the stupid file. i can,t even get chance to uploude a excutible file can't netcat also cos it crushs by the time i finsih all my staff can you pm what payloud you using i tried to open session but it just fails

    Spoiler Removed - Arrexel

    Arrexel
    OSCP | OSCE half way!

  • people. stop fucking up the box!

    pzylence
    OSCP

  • rooted finally! this box was a fun ride!

    pzylence
    OSCP

  • any help will be appreciated. pm me with details. Ive tried dirb but im just not sure what I should be looking at.

  • got user but i can't get seccond session because some how million people are uploading staff and session keeps dieing on me.. so ill try privac root user later.. guess.

    Arrexel
    OSCP | OSCE half way!

  • Stuck trying to turn the RCE I've managed to become a reverse shell.

    Tried both direct reverse shell + uploading shells not nothing seems to work currently. Any pointers ?

    KCSEC -- for Pentesting/hacking guides and Tools.

    https://www.ivoidwarranties.tech/ - KCSEC Website
    https://github.com/KCSEC
    https://www.facebook.com/KCovertSEC/

    Join the KCSEC HTB Team

    https://www.hackthebox.eu/home/teams/profile/655
    KCSEC

  • i am this box too much breaking but at last done. biggggest thanks to one man that Pzylence top block!

    Arrexel
    OSCP | OSCE half way!

  • @IVWKCSEC said:
    Stuck trying to turn the RCE I've managed to become a reverse shell.

    Tried both direct reverse shell + uploading shells not nothing seems to work currently. Any pointers ?

    dm me.

  • Stuck on priv esc, also the user.txt seems to have disappeared? Searched everywhere incl Desktop, only found a .lnk file referring to it. please feel free to PM me :)

  • Anyone willing to pass on a hint for Priv Esc? I've been banging my head against the wall for several hours trying to find stuff like passwords, and manual enumeration on just about every file I seem to have access to. There must be something staring me right in the face.. Thanks in advance!

  • edited July 2018

    Edit: nvm

    cortex42

  • Come on! someone delete my shell every time, i don't get this for a minute !!!!

    Hack The Box

  • Rooted !

    Jugulairel

  • Finally rooted! Thanks @laylow

  • ugh this is killing me, I upload the "file" and try to navigate to it and it says 404. Nudge?

  • Got user flag, but can't seem to get reverse shell going. Tried msfvenom, but getting nowhere, please PM

  • @km0xu95 said:
    Finally rooted! Thanks @laylow

    you welcome good work bro!!

    man some machines are easy for me some how but some soooo hard!! especialy linux need to work more on those. still newbee tho lol!!!

    Arrexel
    OSCP | OSCE half way!

  • Can somebody pm me with a hint on catching a reverse shell? I've tried multiple extensions but not catching a callback.. just need a push in the right direction!

  • Right, finally managed RCE to get the user flag, No progress on getting a reverse shell working or priv escalation

    Parttimesecguy

  • rooted.. for priv esc I SUGGEST, look for all available vulnerabilities on the system.

Sign In to comment.