Carrier

145791028

Comments

  • edited October 2018

    someone is available on PM, i can enumerate the 1*1 port but i can't get the SN.
    i treid several tools, with several options without success.

    tks

  • @jackshd said:
    someone is available on PM, i can enumerate the 1*1 port to get the SN.
    i treid several tools, with several options without success.

    tks

    Take a walk and think about it. ;)

    Curve

  • @Curve said:

    @jackshd said:
    someone is available on PM, i can enumerate the 1*1 port to get the SN.
    i treid several tools, with several options without success.

    tks

    Take a walk and think about it. ;)

    tks a lot, got it

  • Any able to give me a nudge on whether I'm on the right track with b** and q***** for p***t? Or if I should be focusing on something I've overlooked?

  • got shell but still nothing on root.txt :( if someone kindly enough to help me please PM :)
    Thanks.

  • I made some progress but still stuck on getting root.txt :/ please DM me if you can help me a bit

    Hack The Box

  • Does anyone know if there's any material i can read regarding priv esc. I'm sure i know what it is, but i can't find anything on actually applying it outside of theory

  • Any suggestions on websites to read about exploiting PHP? I'm weak on web exploitation and everyone is saying this is easy but I'm obviously missing something. I can't find a way to exec my commands.

  • edited October 2018

    user is easy!

    PsyXsouL

  • @PsyXsouL said:
    user is easy!

    struggling for root

    PsyXsouL

  • Many thanks to @Raiden99 @Kecebong and Spoppi....you guys have been wonderful. Got root.txt on carrier.....learned a lot from u guys...... :)

  • edited October 2018

    anyone got some hint for the RC-Part? Can't seem to get it to work...
    Edit.: nvm got it to work, feelin so stupid right now

  • Was anyone able to open the pcap file? Looks to me like it has 0 bytes but wanted to verify.
  • Would you guys mind providing some hints to elevate my privs to root, I'm struggling here for days. Couldn't understand how to benefit from the B** thing. I already read the tickets, understood there is something going wrong on the other side but still some pieces are missing from the jigsaw I need to gather. Could you PM please, I need to understand more than just escalating the privileges.

  • @royc3r said:
    Was anyone able to open the pcap file? Looks to me like it has 0 bytes but wanted to verify.

    Don't worry about it :)

  • I second @eeyepee's request. I have been struggling with privesc. I think I know what to do, but I can't "see" the result of my actions. Could any kind soul PM me to discuss things?
    Thanks for your time!

  • Well, for privesc, I tried with netcat but it did not work, so I emulated the service with a script from github. Keep this in mind if you think you got everything as it should ;)

  • edited October 2018

    @diogomrfer said:
    Well, for privesc, I tried with netcat but it did not work, so I emulated the service with a script from github. Keep this in mind if you think you got everything as it should ;)

    I found you could emulate the service just by typing the responses into netcat, saves some time trying to script things out =)

  • @gr0k said:

    @diogomrfer said:
    Well, for privesc, I tried with netcat but it did not work, so I emulated the service with a script from github. Keep this in mind if you think you got everything as it should ;)

    I found you could emulate the service just by typing the responses into netcat, saves some time trying to script things out =)

    Oh, nice. :+1: A smarter choice, actually! :D

  • edited October 2018

    can someone gimme a hint on how to get a reverse shell, got user but so far i'm only able to run commands via the website. i have an idea what to do once i have a reverse shell but i'm still stuck getting the machine to connect back to me. pinging myself works fine. any ideas?
    EDIT: nvm, i got it now

  • i have no idea what ssh key people are talking about. i couldn't find any keys on this box, not in the usual locations and not somewhere else :(

  • Can anyone PM me to help me to het Root here. I know it's a Network thing. I see a specific route thing, but then the wall get's to hard :-(

    Hack The Box

  • edited October 2018

    Got root. What a great box. I almost blow my brain to get this done. I was thinking too hard, but in the end was a simple thing. Saw 2 ways to get this done. there's much easier and another not so easy, but on the real world we don't always will have root access on pivot machine to get this done. So networking is fundamental on this box.

    EDIT: what is the thing with the secretdata?? and the Nigerian Prince?

  • still struggling with user. what am I missing. got admin credentials bt can't find any, executable or interactive shell/service as suggested by others. I get "Configuration changes locked, will be reverted automatically" . some tabs/links restricted due to expired license. I just can't find anything remotely close to an interactive shell on the admin page

  • @mcknicks said:
    still struggling with user. what am I missing. got admin credentials bt can't find any, executable or interactive shell/service as suggested by others. I get "Configuration changes locked, will be reverted automatically" . some tabs/links restricted due to expired license. I just can't find anything remotely close to an interactive shell on the admin page

    Pm me, I can give you some help.

    Arrexel

  • @bokanrb said:
    Got root. What a great box. I almost blow my brain to get this done. I was thinking too hard, but in the end was a simple thing. Saw 2 ways to get this done. there's much easier and another not so easy, but on the real world we don't always will have root access on pivot machine to get this done. So networking is fundamental on this box.

    EDIT: what is the thing with the secretdata?? and the Nigerian Prince?

    Lol, no clue secret data but the Nigerian prince is a well known email scam.

  • Can someone help me? I can create a reverse shell but the connection automatically dies within a second...

  • @mcknicks said:
    still struggling with user. what am I missing. got admin credentials bt can't find any, executable or interactive shell/service as suggested by others. I get "Configuration changes locked, will be reverted automatically" . some tabs/links restricted due to expired license. I just can't find anything remotely close to an interactive shell on the admin page

    Same here...Stuck on user, I passed the login, I watched every path, every js ... But I'm totally blinded right now! I exchange adamantium for a hint LOL

  • edited October 2018
    For the love of God I can't even enumerate after user with all the resets! Is that from necessity or just people not getting what they are looking for? I see that elegant, striped African animal galloping over its common ports 🤣 but nothing in iptables list
  • @skarfaze said:

    @mcknicks said:
    still struggling with user. what am I missing. got admin credentials bt can't find any, executable or interactive shell/service as suggested by others. I get "Configuration changes locked, will be reverted automatically" . some tabs/links restricted due to expired license. I just can't find anything remotely close to an interactive shell on the admin page

    Same here...Stuck on user, I passed the login, I watched every path, every js ... But I'm totally blinded right now! I exchange adamantium for a hint LOL

    Look at the diagnostics page in great detail.

Sign In to comment.