Yes⌠finally got root. Was messing up one of the stupid ports in the final command. PM me if you need any hints!
Rooted. I learned a couple of things from this box. First, one of my go-to recon tools doesnât produce all the output I want on this particular OS so I googled a little and found another tool that provides the right information. Second, how certain services handle credentials (I am simply shocked, shocked I tell you).
I had already in the past spent a long time learning about how to see the light at both ends of the tunnel going in both directions, and I tell you that week was TOTALLY worth it. It has been a lifesaver and a huge timesaver over and over again.
@royc3r said:
i decoded the .txt using the methods mentioned in this thread and have the user/pass but I canât ssh with thatâŚshould i be able to?
Also its Caps sensitive
Is it just me or yesterday this box had vnc service? Today I get only 22, 80. Does that mean that vnc is not important for this challenge or something else happened?
@milosa said:
Is it just me or yesterday this box had vnc service? Today I get only 22, 80. Does that mean that vnc is not important for this challenge or something else happened?
It still has it but youâre looking in the wrong place
good maschine maaan the last bit give me the SH*****TS lol
but got root aget +1 respect those who assisted me should mention name
I managed to get root but I donât entirely understand how the process worked, can anyone PM me and explain it to me?
Wow⌠So easy yet tricky. Donât think too hard on decoding or finding a crazy convoluted procedure, research the service running on the machine and how the service runs, how it authenticates, etc. That should give you all the information needed to get root. PM me for hints.
I am at the final part, I can start the service but it logs into the normal account and not root. I really need help getting root on this box if anyone can lend a hand on what I need to do next
Ive just rooted this box after like 3 days of trying and i have to agree with everyone that says that everything is here in the posts i got there in the end
I am on priv esc. I figured out the service running on the first date but now when i tried to enumerate the box, the service is no longer running. can anybody help me with this. Is the service running occassionaly?
Got the service running and tried to connect to it. Wasnât prompted for a password and screen is grey. What do?!
iâm not able to unzip a secret.zip file even i entered a right password today. yesterday it works fine but today it is not working. i pull it on my system i got only one file âsecretâ when i extracted with correct password. any thing goes wrong?
@jupitarsat said:
iâm not able to unzip a secret.zip file even i entered a right password today. yesterday it works fine but today it is not working. i pull it on my system i got only one file âsecretâ when i extracted with correct password. any thing goes wrong?
You are on the right track. You got what you needed from the zip. Enumerate running services and figure out how to use it.
@ompamo said:
@binzahur said:
any way to determine file type of un compressed file? Any hint pls.Use the âfileâ command, but Iâm afraid it wonât help in that case.
@binzahur said:
any way to determine file type of un compressed file? Any hint pls.
char%20det
I owned the user already (so Iâm trying to own the root), but for some reason I am no longer able to access the URL âhttp://10.10.10.84â, or any other IP address for active machines. According to Login :: Hack The Box :: Penetration Testing Labs, my connection is working, and I was able to access it originally when I initially owned the user, so I donât know why I wouldnât be able to access it anymore. At first when I started having this issue, it would load sometimes (but rarely), but for the past day it hasnât been working at all.
Also, at first, I was able to ssh into the system and get the text to own the user, but now Iâm not able to do that either. When I type in the command, it either doesnât do anything (and after a few minutes I keyboard interrupt it), or it prompts me to connect to âCharix@poisonâ (usually at least a minute after I started the command), but when I put in the password, it re-prompts me for a password, even though the same password worked the first time. After the second or third attempt, I usually get a âpermission deniedâ or âconnection closed by 10.10.10.84â error.
Every time I ping an active machine, I get 100% packet loss, which I didnât get before when I initially owned the user.
I have re-generated my VPN keys several times, and the issue persisted.
Am I doing something wrong? This is the first thing Iâve done on this website, so Iâm not overly familiar with everything yet, but I just canât imagine why it would work the first time but isnât working againâŚ
Hoping someone can give me a nudge in the right direction. Iâve got the secret file and set up something you can see the light at the end of, but Iâm confused on how to connect as the right user. The way Iâm trying it right now, I get in as the user with normal permissions. Iâm not sure if I have the syntax correct, so hoping someone can push me in direction I need to go.
got root finally. Hate this boxâŚ
Got root â â â this box taught me a lot especially to not overthink things, keep it simple guys and read all the good threads and its hints they are very helpuful. Read the man pages of the tools once you identify the services running on the box. Spoiler Removed - Arrexel
Think about where to use the zip file and how, thatâs it.