Hint for Sunday

@Takao said:
In getting root, w**t is the program that will help me?

Yes, read through the options on the man page. Keep in mind that if a program errors, often it will give you information on what lead to that error.

Finally got user and root.

Tbh this machine is not that hard but people keep messing with the machine constantly, so the process was really slow and painful.

wget is not just for download, sometimes you can use it for upload with help of post method .

can i use rockyou to get through ssh?

nevermind, got it!

which word-lists did u use to crack the root’s password?

Any hint for privesc? i try many vectors…

Just rooted the box. It was fun and learned alot the simple things.

For priv esc just read the above comments .

After 1 hour I got the hash, now spending 2 hours just because people are messing with the box. Every time i log in the hash is either different or missing. At this rate cracking with hashcat is also impossible. Please PM me i need some help.

@Takao said:

@Planetxort said:
For people who are complaining about finding only two ports…try harder.
For people complaining about not finding where the user.txt is, think about how you can find the correct directory.
For people complaining about priv esc…realize there are other ways about going about it.
For people stuck on obtaining root, think about how you can enumerate further with that privileged user.

Finally got user & root

In getting root, w**t is the program that will help me?

I didn’t use a program

To all the people complaining about the nmap taking too long. Try redefining your parameters. For this box in particular, using what I always use didn’t work. If you’re confused to what I mean, think about how ports work. That’s all I can say without straight up giving it away.

@Planetxort said:
To all the people complaining about the nmap taking too long. Try redefining your parameters. For this box in particular, using what I always use didn’t work. If you’re confused to what I mean, think about how ports work. That’s all I can say without straight up giving it away.

Root flag obtained… Thank you all for your help!

I will try harder.

I got into the machine as the 1st user and found the 2nd user along with the user.txt file. I ran an enumeration script to see how I could escalate privileges to read the user.txt file and the only result I get tells me that I can s*** without a p***** but it’s not working as expected. I don’t want to spoil anything so if someone willing to point me in the right direction could PM me I can give more details. I’m just trying to get the user flag.

Finally got it! This box had me banging my head against the wall for ages on the user pivot! The best hint for me was to go back to the / and just manually look it everything you see. Once you see it you wish you could get the time .back. Root was much easier, with one tool in your toolbox there’s only so many [options] you need to include

managed to finally get the users.txt and have checked through a lot of files/directories and am at a loss for getting root, any small hints plz?

got it!

been stuck for so long on trying to crack second user password someone help me

Stuck with privesc … I have ideas on what to do but still couldn’t make it! any one to help ?

Finally got both the flags. Pm for any hints if needed !

Finally got the root flag. Many thanks to the creator of this box!!! Really funny box! I learned a lot!

Hack The Box

If you see my profile, i got root for sunday. But, while i was enumerating, some user created a file , i did read it and i got a gift root key!!! Can someone help me in order to find the right path by pm?