Celestial hint

167891012»

Comments

  • hey uhh....is the root flag supposed to be in one of suns directories..?

  • Rooted, if needs help PM me, or catch me on netsecfocus @lilocruz.

  • Got root.txt!!!!

    Want to know how to get root access anyone can help?

  • i dont have burp professional, is zap has same features ? i haven't used zap much. and my burp pro license expired.

    masuse

  • Hello, I am following the article and i have generated the excact same payload as in the article. But when i send it in place of the snickerdoodle i am getting a bunch of syntax errors in the response, any ideas?

  • @Monkey23 said:
    Hello, I am following the article and i have generated the excact same payload as in the article. But when i send it in place of the snickerdoodle i am getting a bunch of syntax errors in the response, any ideas?

    same problem

  • When I upload payload I've this error:
    SyntaxError: Unexpected token r
    at Object.parse (native)
    at Object.exports.unserialize (/home/sun/node_modules/node-serialize/lib/serialize.js:62:16)
    at /home/sun/server.js:11:24
    at Layer.handle [as handle_request] (/home/sun/node_modules/express/lib/router/layer.js:95:5)
    at next (/home/sun/node_modules/express/lib/router/route.js:137:13)
    at Route.dispatch (/home/sun/node_modules/express/lib/router/route.js:112:3)
    at Layer.handle [as handle_request] (/home/sun/node_modules/express/lib/router/layer.js:95:5)
    at /home/sun/node_modules/express/lib/router/index.js:281:22
    at Function.process_params (/home/sun/node_modules/express/lib/router/index.js:335:12)
    at next (/home/sun/node_modules/express/lib/router/index.js:275:10)

    Any hint please?

  • Rooted PM if you need help

  • got user kblooie, now for the priv esc

  • Rooted, was surprisingly simple after spending so long to get the initial access. Just as with the machine Poison, when you get initial access just enumerate. Go through everything the machine is doing and running, you will find the way.

  • Need help or a little nudge? Inbox! :)

  • edited August 2018

    I got a NC shell, got the user.txt. Now stuck :(

    Hack The Box

  • @dennisveninga said:
    I got a NC shell, got the user.txt. Now stuck :(

    There're tons of hints in this thread for privesc. Just enumerate the box a bit, there're might some files of interest around you. And, of course, keep an eye on the clock ;)

    HTB

  • edited August 2018

    Can somene help me on the priv esc?
    I've detected the clocky file and which script overwrites it.
    I can't, however, edit it. Vi won't work over the reverse shell I've got.

    User was miles easier than it, tbh.
    I'm not even sure about what to do. I'm really stuck.

    Thanks for any help.

  • So I'm having an issue with my listener. It keeps giving me the error: inverse host lookup failed
    Can someone please PM me about troubleshooting? Thanks!

  • Hi mates, im so frustated wirth this machine, im trying codes 4 reverse shell but nothing, appreciate hints pv me plz!, thnx

  • come someone PM about privesc? got root but im kind of confused the way i did

  • I'm stuck on the "An error occurred...invalid username type" please PM me if you have any tips

  • edited August 2018

    Got root on this one.
    That root.txt was a dirty move. It's not hard, just dirty. I knew what I had to do a few minutes inside the shell, but I though I was coding wrong for a many long hours.

    The user on the otherhand was an amazing experience.

  • I'm stuck on the "An error occurred...invalid username type" please PM me if you have any tips

  • Can you guys please stop DoSing the server...

    Bowlslaw

  • Hi guys,

    Even using nvm I continue with error when running payload, can someone help me?

    throw new TypeError('"callback" argument must be a function');
    ^

    TypeError: "callback" argument must be a function
    at setTimeout (timers.js:450:11)
    at Socket.eval (eval at (eval at exports.unserialize (/root/node_modules/node-serialize/lib/serialize.js:75:22)), :21:9)

  • Hi!
    I get root but I don't know exactly how. Can anyone PM me to explain that??

    Thanks in advanced!

  • Hi, can anyone help me. I'm stuck at privesc. After reading all the comment I get few hints but still I don't know what to do :frown:

  • hello. am getting error "invalid username type" in burp suit..any hints ???

  • Can someone please PM me for obtaining initial access? I have tried many things and I won't post them here because they are spoilers. It feels like I am making a very minor error, or my nc command is wrong, or something...

    Bowlslaw

Sign In to comment.