Olympus

15681011

Comments

  • i found a repository! is it where the game starts?

    masuse

  • edited August 2018

    I think this is my favorite box so far. The Olympia part had me frustrated for quite a while, but it was worth it. Nice one @OscarAkaElvis

    Prj7g1d

  • Hey guys, I found a specific header that gave me a possible hint on where to go. (As said before in the thread, a dev-like tool). There's an exploit module on MSF but after sending the requests, the server answers with a RST package. I was trying to abuse this manually, but I'm having a nightmare installing the needed tools and whatnot, so much that I am no longer sure if it is just a rabbit hole. If this is the right way to go, may I ask a little help with the set up of the environment and everything, and if it's not, any hints would be appreciated.

    Hack The Box

  • I didn't read through this thread, so I'm not sure what was said here. The box isn't hard in-regards to enumeration. Everything is almost always in front of you (i.e. where you land, you can obtain the clues/creds to move forward). The tickiest part for me was understanding where the .cap came in because (although I discovered/cracked it very quickly) I didn't think to use it's information in that manner. Everything was straight forward. Ending was super easy.

    I'm open to give hints to folks that need help. Please PM me, if so.

  • edited August 2018

    I'm really enjoying this machine :-)

    EDIT: got root. Really nice box, privesc was interesting but not anywhere near as much as user. You can PM if you need any hint.

    Elio

  • Finally got root, got to say great box, learned a lot about docker. Great job @OscarAkaElvis .

  • I'm somehow not sure why I am not able to get a shell using the msf/py exploits available. Reached out to many of them, checked in wireshark as well. Everything seems fine, but somehow, something gets fucked up and I get an RST from 10.10.10.83, which is very weird.

    pzylence
    OSCP

  • edited August 2018

    Rooted!! This was a wild ride. I appreciate the help from everyone. If you need hints PM me ;)

    heigou

  • Ok, I have a shell to this box, I cracked what could be cracked, but I don't seem where to go from there. I know that I am on a limited environment, but I'm not sure if I should escape it, abuse it, priv escalate from there and I'm running out of ideas. Any hint?

    Hack The Box

  • @HeiGou said:
    Got a connection to a box, got the message from the gods, got a strange IP. Any hints on how to pivot and use that? I normally dont work very much with the D service and am stuck :astonished:

    Collect more information on what you got from the gods, Dig is your friend.

  • @DarkNight7 said:
    Ok, I have a shell to this box, I cracked what could be cracked, but I don't seem where to go from there. I know that I am on a limited environment, but I'm not sure if I should escape it, abuse it, priv escalate from there and I'm running out of ideas. Any hint?

    There is another information on the cap file. browse the packets and you'll find it. After that you have to make some educated guess to use SOME parts of those 2 informations as login credentials on a service running on the box that you already know!

  • edited August 2018

    Rooted, thanks @OscarAkaElvis for great experience!

    • The Crete island would reveal its secrets to those who don't hesitate to look at heading part of the waves that leave the island.
    • After you enter the Olympia you should be looking for a way to go through the Zeus' flight experience, that was accumulated to some essence lying next to the god's message.
    • The knowledge gained from such an experience would let you enter the Rodhes. Btw, you heard this song? Don't know about you guys, but I do love it.
    • Opening the portal to Hades requires some ancient magic technique so... Wait, I think there's someone at my door, I'm gonna have a look...
    • Now, where was I? Right, the Olympus. The Olympus would yield to those who don't hide their love to whales. Beautiful creatures, aren't they? ;)

    Hope not too much a spoiler xD

    HTB

  • @snovvcrash said:

    • The knowledge gained from such an experience would let you enter the Rodhes. Btw, you heard this song? Don't know about you guys, but I do love it.

    If you really loved it, I think you might like this one as well!

  • I love whales but I don't know them so well ... do I need to study really everything on them ?

  • @mboh said:
    I love whales but I don't know them so well ... do I need to study really everything on them ?

    you are just one Google search away from so many amazing writeups with similar privesc/CTF situation.

  • yeah, sorry, found the right whale. :)

  • Got user.txt - Most enjoyable box I've done yet...

    Mochan

    Checkout my Dropbox of Goodies >> https://www.dropbox.com/sh/ba0t59c5fnccgms/AACvUbUSflWB1_AAgj8okEUra?dl=0

    [CCNA R&S] [OSCP - In Progress] [Security+ - In Progress]

  • @pzylence said:
    I'm somehow not sure why I am not able to get a shell using the msf/py exploits available. Reached out to many of them, checked in wireshark as well. Everything seems fine, but somehow, something gets fucked up and I get an RST from 10.10.10.83, which is very weird.

    same here the Reason is because of ping latency issue. that the only thing that i can comeup with so my be am i open AWS instance in Europe and see if i can try again. only think i can think of lol.

    Arrexel
    OSCP | OSCE half way!

  • @mochan said:
    Got user.txt - Most enjoyable box I've done yet...

    dude nice link man thank you! you got some nice staff on your dropBOX OSCP ill be doing in 4 month... just going for AWS Cert next 1 so been busy with that.

    ill PM regarding about OSCP ether ways excellent file thanks for sharing

    Arrexel
    OSCP | OSCE half way!

  • @laylow said:

    @mochan said:
    Got user.txt - Most enjoyable box I've done yet...

    dude nice link man thank you! you got some nice staff on your dropBOX OSCP ill be doing in 4 month... just going for AWS Cert next 1 so been busy with that.

    ill PM regarding about OSCP ether ways excellent file thanks for sharing

    Thanks man - I usually add new resources everyday! - Enjoy :)

    Mochan

    Checkout my Dropbox of Goodies >> https://www.dropbox.com/sh/ba0t59c5fnccgms/AACvUbUSflWB1_AAgj8okEUra?dl=0

    [CCNA R&S] [OSCP - In Progress] [Security+ - In Progress]

  • Can someone drop me a hint for priv esc? The whale hint means nothing to me and I've been enumerating for hours!

    Mochan

    Checkout my Dropbox of Goodies >> https://www.dropbox.com/sh/ba0t59c5fnccgms/AACvUbUSflWB1_AAgj8okEUra?dl=0

    [CCNA R&S] [OSCP - In Progress] [Security+ - In Progress]

  • edited August 2018

    what about docks ?

  • edited August 2018

    Rooted!! - Special mention to @raulcpop for the pointer! If anyone needs help my PM's are open.

    Hints :-

    Crete - Do not overthink... Play around with burp & google ;)
    Olympia - Also do not overthink - Once you find the file you have everything you need to progress...
    Rhodes - Enumerate enumerate... If you run into issues it will be because nameservers... editing /etc/resolv.conf on your local box will help you
    Priv Esc to Root - Do some Googling on what's on the box! You will get there eventually.

    Mochan

    Checkout my Dropbox of Goodies >> https://www.dropbox.com/sh/ba0t59c5fnccgms/AACvUbUSflWB1_AAgj8okEUra?dl=0

    [CCNA R&S] [OSCP - In Progress] [Security+ - In Progress]

  • got root!
    Overall a good machine. Pretty forward hacking/ctf.
    The only thing I really struggled was waiting for the cracking and the educated guessing in Olympia...
    if someone needs help - PM me

  • > @laylow said:
    > @mochan said:
    > Got user.txt - Most enjoyable box I've done yet...
    >
    >
    >
    >
    >
    > dude nice link man thank you! you got some nice staff on your dropBOX OSCP ill be doing in 4 month... just going for AWS Cert next 1 so been busy with that.
    >
    > ill PM regarding about OSCP ether ways excellent file thanks for sharing

    Can i have the dropbox link of oscp
    I will pass my oscp exam soon and any advice to pass the exam is wonderfull

    Raouf09

  • hi
    im sill stck on road to hades
    how can i open temporal portal to Hades anybody pm me

    Raouf09

  • @mochan thanks for sharing your resources in dropbox. Im currently doing OSCP training now.

  • Just rooted this box and it was my favourite on HTB so far, great job @OscarAkaElvis

    The part where you need to do a bit of guessing threw me a bit

    jamesa

  • 2 days and still in the first steps. could any one give me a hint, if any one else here trying still trying we can do it together,

    Hack The Box

  • i get to 2 accessible files from the gob***** that the all thing that i find, ... still thinking and searching ,

    Hack The Box

Sign In to comment.