Carrier

@darkkilla said:
I really am stuck at where I think I have to h****k $target using “a particular method”

Forget my earlier request, I’ve popped root. :slight_smile:

got the user but stuck on priv esc
i know its multi con****** box found the 2 other addr but there is only one service on those con*****rs
from the picture i see the situation but how can i found the port running the web server
can anyone pm to discute about it plz

what. a. pain. but finally root.

This is killing me. I feel like I have an idea how to progress but not only can I not seem to get it to work, but I’m not even sure it makes sense any more.

This is an awesome box. If I ever get root, I will have learned a lot.

Thanks @snowscan, but I am not sure if I hate you or not :smile:

@TazWake said:
This is killing me. I feel like I have an idea how to progress but not only can I not seem to get it to work, but I’m not even sure it makes sense any more.

This is an awesome box. If I ever get root, I will have learned a lot.

Thanks @snowscan, but I am not sure if I hate you or not :smile:

DM

Does this require any specialized tools or scripts once you’re connected or can it be accomplished with standard bash commands?

@Skunkfoot said:
Does this require any specialized tools or scripts once you’re connected or can it be accomplished with standard bash commands?

I used a static version of nmap, it’s not 100% required but still helps a lot.

Rooted after 2 days. Nice work @snowscan, learned a lot from this machine

@Skunkfoot said:
Does this require any specialized tools or scripts once you’re connected or can it be accomplished with standard bash commands?

I wrote a simple bash script for that.

finally had the time to work on privesc, new stuff comes to HTB and that’s a very good thing!
i think last step is quite contrived anyway.
thanks snowscan :slight_smile:

Finally rooted :slight_smile: It took a while mostly because it was really hard to figure stuff out with routes constantly changing, people messing with b** etc. But it was a great challenge anyway, I feel really proud of myself :smiley: Thanks @snowscan!

ok can i ask for some help with the reverse shell, i will explain in PM where i am at so as to now ruin it for anyone, or “repeating” what others are saying…

@RPSUK said:
ok can i ask for some help with the reverse shell, i will explain in PM where i am at so as to now ruin it for anyone, or “repeating” what others are saying…

PM me

done

guys i understand everybody is here to learn, but i think before doing this box you should study a bit linux networking configuration. i mean don’t pretend in pvt i explain you even how to add an ip to an eth. just google it. if you just run cmds without understand what they do well… good luck.

@0xlc said:
guys i understand everybody is here to learn, but i think before doing this box you should study a bit linux networking configuration. i mean don’t pretend in pvt i explain you even how to add an ip to an eth. just google it. if you just run cmds without understand what they do well… good luck.

I see what you did there…

Kinda need some help, I can’t find the number I’m looking for… PM me if you want to help me out :stuck_out_tongue:

Spoiler Removed - Arrexel

@missionstarted said:
Spoiler Removed - Arrexel

Think “common misconfiguration”

@missionstarted said:
Spoiler Removed - Arrexel

Check the meaning of error codes