Frolic

I think this is not a real scenario box, its more a CTF challenge box…
But it was fun to do it

@Ismail said:
I think this is not a real scenario box, its more a CTF challenge box…
But it was fun to do it

It was a pain to do, but yes it was fun.

Spoiler Removed - egre55

@l30n said:
Ook I know what it is no :)> @N30C0UNT said:

@l30n said:
what the heck is that …?

Ook I know what it is now :slight_smile:

You like that huh :lol: Glad I could help

@N30C0UNT >>> Thank you… Now trying to figure out the base of the issue.

@Ismail said:
I think this is not a real scenario box, its more a CTF challenge box…
But it was fun to do it

I highly agree, Never saw this in the OSCP labs. Ran out of lab time so I jumped back on here to get more practice before my test next month.

Got user, but stuck on priv esc. Can someone please send me a hint through PM?

Wow definitely worth more than 20pts imo… Rooted though! You can PM me :slight_smile:

This machine should worth more than 20 points it got me nuts but finally rooted thanks to @N30C0UNT and @zdravich for answering my doubts!!

@x00byte said:
This machine should worth more than 20 points it got me nuts but finally rooted thanks to @N30C0UNT and @zdravich for answering my doubts!!

:+1: Anytime. Help was the only way I got through this one.

Got user finally. Now hunt for root.

No f***ing way this box should be a 20 pointer!

can anyone give me a hint. how to find credentials of color login?

@Phr33fall said:
No f***ing way this box should be a 20 pointer!

What difference does it make? It’s all for practice and learning anyway.

@Skunkfoot said:

@Phr33fall said:
No f***ing way this box should be a 20 pointer!

What difference does it make? It’s all for practice and learning anyway.

Agree. Don’t think about points. Just learn something new in HTB.

Got root. I had some gaps in knowledge so it took quite a while. The whole box is very CTF like and not anything that would happen on a real-life setup.

My tips:

  1. For user:

I found out that it is good to use multiple dirbusting apps, I used gobuster at the start and it did not find what I needed. Quite a bit of research is needed to get to the point where you can grab the user flag. This thread contains sufficient information to start with, google is your friend as always.

  1. For root:

Read the links in the thread and it’s a good idea to do the exercises in those links. For the actual exploit you need to find the thing that does not change and from there you can move up. I strongly advise setting up a local development box with the same OS.

I can see now why the box is only 20 points if you know your overflows it will be relatively simple. If anything I mentioned is a spoiler please remove!

PM for tips will try to help out

@ZeusBot said:
can anyone give me a hint. how to find credentials of color login?

Check your PMs

Well finally got user, now messing about with r** anyone know how to find function addresses without gdb?

@Skunkfoot said:

@Phr33fall said:
No f***ing way this box should be a 20 pointer!

What difference does it make? It’s all for practice and learning anyway.

Totally agree, but the points awarded normally relates to the level of difficulty of a box.

Those new to HTB could be discouraged if they chose this as their first box.

Finally got root. What a load of bullshit. Thanks @BoiteAKlou , @tobor , and @x00byte for the help.