Dev0ops hints

11516171820

Comments

  • s1ks1k
    edited September 2018

    getting user.txt was a journey.. now after exhausting everything I can think of for privesc, I've hit a wall... can anyone DM me some direction?

    UPDATE: got it.. can't believe it was sitting there the whole time LOL

    Hack The Box

  • I really need some help? Been stuck for a while ? I’m a noob and stuck looking in the past , but what am I looking for ?? (Privesc)
  • edited October 2018

    same can someone please point me to the right direction ? (priv esc)
    non-developer here.

    (disregard, I just GOT IT!)

  • I have user.txt and can read files, but can't seem to format my upload to do any sort of remote code execution. OWASP reading helped but their example code isn't working for me. Can anyone PM me a nudge in the right direction? Without being able to list folder contents it's hard to know what to look for.

  • Something to do with f****.**?

    UPDATE : Nvrmind, Rooted :)

    Hack The Box

  • edited October 2018

    Hey all, need help with priv esc? can anyone dm me?

    UPD: No need. Got root

  • hello! I've found user.txt, logged in with r****, i've been able to switch to g**, had a look back in time, I tried to deal with r** k** but I didn't find a way to priv esc... What am I missing/doing wrong? Thank you in advance

    |GPEN|CEH|eJPT|CySA|

  • Still stuck at the very beginning, can't find any other webpage with dirbuster and dirb

  • This demonstrated a couple of solid everyday vulnerabilities to be aware of. I wouldn't call this a beginner box exactly. Dev0ops is well named. For the last step, look at what the developer has done and what kind of oops she might have committed.

    LegendarySpork

    LegendarySpork

  • @Ozunu said:
    finally got root, if someone needs help, just PM me...

    GIve me a hint buddy.... im struck in pv es.

  • edited October 2018

    Got the r*a key, but getting invalid format. Is this intentional or am I doing something wrong? Any hints? Nvm.. got it the next thing I tried just for kicks...

  • Im stuck in the priv esc. i read the past files and i got an idea with the keys but can manage to got the root any hints?

  • Hey guys can anyone give me a hint as what to do after finding user.txt !!! I am not able to figure out how to enter the machine ....... i did enumerate the users but i am clueless as what to do next

  • edited October 2018

    Someone that points me in the right direction to priv esc
    Edit:
    Finally rooted TT i read some user saying about going back in time and i did it but then i have to go in time again but in other way thanks for the hints in the comments !!

  • Finally rooted! A shoutout to @DeepBlue5 and @Skunkfoot for the helping me.

    Message to non-developers (such as me) for priv esc.

    To avoid looking around in the wrong place. First you must look at what you have and what you are dealing with. Research into how to do things with it.

    If you, like me and didnt know much about this area then its a great learning experience.
    To gain a skill, first you must earn it.

    The space-time continuum is finally restored.

  • Need help on this one. Will someone help? Can get the p****d file, but don't know how to proceed from there.

  • i did not expect that kind of entry.
    i used some tools to make sure my **L file is correct.

    and then root was very simple, look into the first directory you end up in.

  • Got ROOT

    LordeDestro

  • If anyone would like a pointing in the right direction PM me I will help
  • SSH will always return permission denied, am i doing something wrong?:

    drywaterv2

  • Anyone able to give me a hand? I'm at Internal Server Error problem, I believe its my xml file format.

    Trikk

  • @binjnkie said:
    Anyone able to give me a hand? I'm at Internal Server Error problem, I believe its my xml file format.

    the most useful comment I had here is that XML elements are case sensitive,at least for unix based servers. Just make sure the father + 3 sons in your xml file maintain case sensitivity as requested

  • Tips from a Newbie to a Newbie....

    This was my first box to attempt and have just rooted it over about 3-4 evenings. I have basic linux and very basic coding experience, I only very recently learnt about the idea of pen testing! Here's how I approached it, hopefully WITHOUT ANY SPOILERS.

    I downloaded Kali and read up a few walkthroughs of some of the early boxes to understand how to get started. I used two basic tools to carry out what I think you call enumeration, I just used default settings. I expect everyone has done the same so far. From that point on I didn't use any hacking tools (mainly because I haven't yet learn't about them), i did everything manually.

    All the clues I needed were in the website. If I didn't know what the clue meant, i researched what it might relate to, or wrote it down for later. The clues are there to help after all, not send you on a wild goose chase. I think there are 2 or even 3 separate ways to get user, I only found one, so some of the clues I never used. The programming language involved I had actually never used, but it was very easy to learn the basics. Once I had the code, I knew I needed to compromise it. To understand how it worked, I set up a replica of the code on my machine and learnt how I could attack it. That way, I could see all debug errors, variables etc. I would have never worked it out without doing this. Once I could compromise the code, I googled for code examples to inject (e.g. how to spawn a shell). Again, I tested this on my machine, and then it worked against the box. It was very unelegant, but finally I had a way of getting user.txt.

    Once I had some access to the filesystem, there were of course more clues to be found. Because they were only visible with user access, they could only relate to how to get root. Getting root took a lot of frustration, because it involved another programming system I had heard of but never used, and i was getting impatient and not testing attacks locally. I read up on the new system, but in the end I took a copy of the files on the server I found and again replicated everything locally. I finally found the answer, but I could not get the answer to work. Another theory to learn that I was aware of, but had never understood in detail. The reason the answer did not work for me was that I was simply doing it wrong. again, the saviour was replicating the scenario locally, enabling verbose mode on tools (basic tools not hacker tools) so I could see what I was doing wrong. After making a cup of tea (guess my nationality) I sat down and gave it one more go and I was staring at a root shell prompt.

    I have since written a program to gain user access with one step, to prove to myself I could do it. Future work is to explore the other exploits that the clues hint to.

    I really hope this helps other beginners and that I haven't given anything away, mainly because the satisfaction of doing it unaided is huge. My approach was extremely inefficient, I'm sure there are tools that could have made my life so much easier (but I wouldn't have learnt how they worked) but on the way I learnt so much, and that is the reason I am here.

    I am now trying "Carrier" but getting nowhere. A cup of tea might help...

    p.s. General tip on shell access: don't forget to enable STDERR somehow or it will drive you up the wall if you are good at typos.

    In the unlikely event that I manage to be of help, feel free to give respect! I will try to help you help yourself, but I don't see any gain from simply giving away the answer.

  • edited October 2018

    Hello, i see the past and got a key. But I do not succeed in using it (prompt for password for every account i try), what im missing ?

    EDIT : NVM I've found what i was missing

    EDIT2 : Rooted ! PM if u need hint

  • Need help. Someone PM me, please. Don't know what to upload or what to do after that.

  • edited October 2018

    I need help with ssh keys... I have a username and password that are most likely correct but I'm always getting permission denied because of a public key and I have no idea how to obtain it.

    edit: Nevermind, i got user, now for priv esc

    If anyone can PM me with help on priv esc it'd be very appreciated

    drywaterv2

  • Hi, I'm new here so sorry if i post any spoiler.
    I have been two days trying different things and I've read almost hints at the forum.
    Could someone help me? (I don't know if i need to use ssh or other attack vectors...)
    Thank you very much!

  • Just got root. Many thanks to @Naruto985 for helping me with privesc. A hint: learn about git objects

    drywaterv2

  • Looking for help with privesc been stuck for a while now, I can probably see it already but have no clue how to use it, please pm me

    keresh

  • i need help with this box, i use xml to get some stuffs but dont really know how to escalate from here

Sign In to comment.