Hint for Sunday

been stuck for so long on trying to crack second user password someone help me

Stuck with privesc … I have ideas on what to do but still couldn’t make it! any one to help ?

Finally got both the flags. Pm for any hints if needed !

Finally got the root flag. Many thanks to the creator of this box!!! Really funny box! I learned a lot!

Hack The Box

If you see my profile, i got root for sunday. But, while i was enumerating, some user created a file , i did read it and i got a gift root key!!! Can someone help me in order to find the right path by pm?

I got root.txt but I wasn’t able to crack root for a certain file, is it supposed to be possible? With what wordlist? If anyone would like to give me a tip for this in private that would be great.

Rooted ! Nice box btw, just annoying when people crash the box, ppl, a bomb its not necessary, never, :+1: Just enumerate :wink:
Any hint, just ask :smiley: !
cheers!

This one was a mssion but finally rooted!!

Im thinking about if the high port number is a “sunset” ?
If that’s correct, rolf, +1 to creator haha !

so is it possible to actually obtain the password i need for initial access or am i stuck with wither brute forcing against my users list or simply trying to guess.???

feeling pretty stuck, my BF attempt doe’st look like its a viable method, been running a while

Has anyone got a hint for root.txt? I know I should use w**t and tried several things which didn’t result in anything yet… PM would be nice

Hi, could someone help me with a hint regarding the second user. I guessed the first user pass and I am in and found a hash, but I am not sure if cracking it is the right way. Thx

Who is changing passwords, that too in 40 seconds of reset -_-

@nitinrkz said:
Who is changing passwords, that too in 40 seconds of reset -_-

The box is very unstable. People changing its configuration.

But 40sec is insane, and now i am not able to reset it nor login

Got first user ssh, found text …got second user hash …please PM me with a nudge on cracking the second user.

@beards4ever said:
Got first user ssh, found text …got second user hash …please PM me with a nudge on cracking the second user.

Nudged myself …got the second cred …but now the ssh service is getting DDOS’d …no need to bruteforce the service to get this box.

  • edit - not being DDoS’d …for got to change the darn port …now trying to get root

Anyone want to give a N00b a push on the method to push the flag back to socket …know basic concept but syntax is being problematic …hit me via PM

@pp123 said:
Ok, I got root.txt, but should you also be able to access the box as root user? Could someone clarify that for me, please?

Yes it is possible.

Finally got root …tried to get way to fancy… thanks to @Draco123 …for the final push