Carrier

got shell but still nothing on root.txt :frowning: if someone kindly enough to help me please PM :slight_smile:
Thanks.

I made some progress but still stuck on getting root.txt :confused: please DM me if you can help me a bit

Does anyone know if there’s any material i can read regarding priv esc. I’m sure i know what it is, but i can’t find anything on actually applying it outside of theory

Any suggestions on websites to read about exploiting PHP? I’m weak on web exploitation and everyone is saying this is easy but I’m obviously missing something. I can’t find a way to exec my commands.

user is easy!

@PsyXsouL said:
user is easy!

struggling for root

Many thanks to @Raiden99 @Kecebong and Spoppi…you guys have been wonderful. Got root.txt on carrier…learned a lot from u guys… :slight_smile:

anyone got some hint for the RC-Part? Can’t seem to get it to work…
Edit.: nvm got it to work, feelin so stupid right now

Was anyone able to open the pcap file? Looks to me like it has 0 bytes but wanted to verify.

Would you guys mind providing some hints to elevate my privs to root, I’m struggling here for days. Couldn’t understand how to benefit from the B** thing. I already read the tickets, understood there is something going wrong on the other side but still some pieces are missing from the jigsaw I need to gather. Could you PM please, I need to understand more than just escalating the privileges.

@royc3r said:
Was anyone able to open the pcap file? Looks to me like it has 0 bytes but wanted to verify.

Don’t worry about it :slight_smile:

I second @eeyepee’s request. I have been struggling with privesc. I think I know what to do, but I can’t “see” the result of my actions. Could any kind soul PM me to discuss things?
Thanks for your time!

Well, for privesc, I tried with netcat but it did not work, so I emulated the service with a script from github. Keep this in mind if you think you got everything as it should :wink:

@diogomrfer said:
Well, for privesc, I tried with netcat but it did not work, so I emulated the service with a script from github. Keep this in mind if you think you got everything as it should :wink:

I found you could emulate the service just by typing the responses into netcat, saves some time trying to script things out =)

@gr0k said:

@diogomrfer said:
Well, for privesc, I tried with netcat but it did not work, so I emulated the service with a script from github. Keep this in mind if you think you got everything as it should :wink:

I found you could emulate the service just by typing the responses into netcat, saves some time trying to script things out =)

Oh, nice. :+1: A smarter choice, actually! :smiley:

can someone gimme a hint on how to get a reverse shell, got user but so far i’m only able to run commands via the website. i have an idea what to do once i have a reverse shell but i’m still stuck getting the machine to connect back to me. pinging myself works fine. any ideas?
EDIT: nvm, i got it now

i have no idea what ssh key people are talking about. i couldn’t find any keys on this box, not in the usual locations and not somewhere else :frowning:

Can anyone PM me to help me to het Root here. I know it’s a Network thing. I see a specific route thing, but then the wall get’s to hard :frowning:

Hack The Box

Got root. What a great box. I almost blow my brain to get this done. I was thinking too hard, but in the end was a simple thing. Saw 2 ways to get this done. there’s much easier and another not so easy, but on the real world we don’t always will have root access on pivot machine to get this done. So networking is fundamental on this box.

EDIT: what is the thing with the secretdata?? and the Nigerian Prince?

still struggling with user. what am I missing. got admin credentials bt can’t find any, executable or interactive shell/service as suggested by others. I get “Configuration changes locked, will be reverted automatically” . some tabs/links restricted due to expired license. I just can’t find anything remotely close to an interactive shell on the admin page