Hint for Sunday

I’ve done it! No help needed anymore!

Need help with sunday. can anyone PM?

Nice box, feel free to pm me

I am logged in but cant read anything. need a little nudge

@elio said:
Can I PM somebody for the hash to crack (for sa***)? Syntax seems alright but it can’t find anything (using hashcat and rockyou).

EDIT: Tried again and it worked instantly, not sure what the problem was but oh well :smiley:

EDIT1: And root.txt obtained. Perhaps there were more ways to capture the flag using the same tool, if anyone wants to discuss them, PM me.

can you help me with the hashcat command
?

can you help me with the hashcat command

Sure, PM me your syntax!

Hi,

Totally stuck on this one. I have found few services and found some possible users enumerating one of this service but those users have nothing to do with the users everybody here is talking about (for exemple sa*** ?).

Moreover, I cannot manage to make hydra working with Sunday : I still receive some errors like “ssh_exchange_identification: Connection closed by remote host”

Any help would be appreciated thanks !

any help on user ?? got users from finger and now blank?

Got Root!! Thanks @Ismail @elio

@montyongoXOR said:
any help on user ?? got users from finger and now blank?

@14NC3107 said:
Hi,

Totally stuck on this one. I have found few services and found some possible users enumerating one of this service but those users have nothing to do with the users everybody here is talking about (for exemple sa*** ?).

Moreover, I cannot manage to make hydra working with Sunday : I still receive some errors like “ssh_exchange_identification: Connection closed by remote host”

Any help would be appreciated thanks !

just guess some most relevant password for this box, its totally in front of you! one of the user will let you in with some easy guess in 2/3 tries.

@montyongoXOR said:
any help on user ?? got users from finger and now blank?

one of the user has the easiest password you can guess relevant to the box, try to login.

This is incredibly embarrassing but can someone PM a hint for user? I have read every single hint, I have a list of valid users. I’ve tired the most obvious or CTF-y passwords possible by hand and through programs. I’m clearly not doing something right…

Thanks

@BlueGh0st said:
This is incredibly embarrassing but can someone PM a hint for user? I have read every single hint, I have a list of valid users. I’ve tired the most obvious or CTF-y passwords possible by hand and through programs. I’m clearly not doing something right…

Thanks

Today is Saturday, maybe try again tomorrow?

Hello guys I’m stack on the Sunday box all Saturday :slight_smile: I need help,… Every one the tolking about hydra but me I don’t find any login panel… I enumerate all the users I’m trying to connect on the web site but port 79 can not be accessed, I just want one little answer to start again thank you guys

I just rooted the box. Holy sh*t, I went to all rabbit holes during the final privesc, when the solution was practically in front of my eyes. Feel free to PM me if you need any spoiler-free hints.

@skyghost666 said:
Hello guys I’m stack on the Sunday box all Saturday :slight_smile: I need help,… Every one the tolking about hydra but me I don’t find any login panel… I enumerate all the users I’m trying to connect on the web site but port 79 can not be accessed, I just want one little answer to start again thank you guys

  1. Did you do a complete nmap scan?
  2. Are you sure you found all the users when enumerating? What tool did you use for this and what input did this tool use?

@Hacklen said:

@skyghost666 said:
Hello guys I’m stack on the Sunday box all Saturday :slight_smile: I need help,… Every one the tolking about hydra but me I don’t find any login panel… I enumerate all the users I’m trying to connect on the web site but port 79 can not be accessed, I just want one little answer to start again thank you guys

  1. Did you do a complete nmap scan?
  2. Are you sure you found all the users when enumerating? What tool did you use for this and what input did this tool use?

Hey man, I’ve found 2 ports, through one of them I’ve found 2 users.
One of them is guess-able because it’s common in hack the box and the other one is related to uncle sam(not the user, avoiding spoiler- someone who found the user will understand to which user I’m referring)

I don’t know how I can utilize the users\second port I’ve found.
mind hinting\pming a guidance to some sources?

@AviShabat said:
I don’t know how I can utilize the users\second port I’ve found.
mind hinting\pming a guidance to some sources?

Are really sure you found all the ports? Did you do a scan al the way up to port 65355?

get the access to the server , but there is no user.txt file

found it but i can’t read it ?? any hint ?