Curling

@blobbo said:

@L4mpje said:
Hey guys! I’m really glad that most of you like the box! As most of you already said, this box is aimed at people who are new to HTB. Yes it can be boring for advanced players who hoped to learn something new, but I think this box is a good stepping stone up from the box “Jerry”. All hints provided in this thread should be enough to root the machine, so i will not give any more. Go back to basics and look in front of you!

As for the question if it is possible to get a root shell. Yes it is!

Is root shell the intended way? Because that’s how I did it and reading the thread getting the impression there’s meant to be a more “obvious” way - but to me the shell was super obvious and I can’t see this other way :frowning:

Anything that works is intended, both are really obvious. But i can imagine that new players might have trouble with seeing all the possibilities you have in this scenario.

@L4mpje said:

@blobbo said:

@L4mpje said:
Hey guys! I’m really glad that most of you like the box! As most of you already said, this box is aimed at people who are new to HTB. Yes it can be boring for advanced players who hoped to learn something new, but I think this box is a good stepping stone up from the box “Jerry”. All hints provided in this thread should be enough to root the machine, so i will not give any more. Go back to basics and look in front of you!

As for the question if it is possible to get a root shell. Yes it is!

Is root shell the intended way? Because that’s how I did it and reading the thread getting the impression there’s meant to be a more “obvious” way - but to me the shell was super obvious and I can’t see this other way :frowning:

Anything that works is intended, both are really obvious. But i can imagine that new players might have trouble with seeing all the possibilities you have in this scenario.

Ah just poked around more and saw the other way!

edit: Got user, thanks for any hints! :slight_smile:

Root was way easier than user, imo.

pretty easy from start to finish

For those struggling to get a root shell: the process you can use to read the root flag can also read data from multiple sources… and write to multiple destinations.

For the ones that are stucked on that crazy b***up file, I recommend to take a look on the OverTheWire – Bandit, level 12. Hope that isn’t too much spoil :slight_smile:

i cannot figure out how to decode the file

I cant just understand how to get root… I see that admin***** but dont know whats going on there… Any hints… ?

Finally got the root flag, it truely was super obvious, but it was something that I thought was a troll so I ignored it for hours lol. I feel bad for wasting like 4 hours on priv esc when it could have taken 5 minutes.

Can’t figure out how to pop a shell as root just yet but I’m satisfied with getting the flag for now.

Got it.
very nice box
if anybody needs help, don’t hesitate to pm me

this box is really unstable… 5 minutes after reset and then it starts timing out

is burpsuite useful or not in this vm?

@b10s said:
is burpsuite useful or not in this vm?

“Useful” is relative I guess, but I didn’t use it at all, and I can’t see from my perspective how it could really be useful. The only web-based steps are as follows:

Spoiler Removed - Arrexel

Rooted !
What a box
Pm if you need help

I can’t get root for the life of me! I’ve been searching around for hours now…

@marzukr said:
I can’t get root for the life of me! I’ve been searching around for hours now…

Look closer, you don’t need to search very far to find what you need. This isn’t some common exploit or something like that, but it’s pretty simple to figure out if you can find the right avenue. Just look around for some interesting stuff that you don’t see on a clean linux install.

TLDR; RTFM :slight_smile:

Just got it!!! Tbh, root was way harder and less straightforward than user for me.

■■■■, I feel like an idiot. I can’t even get past the login page. Found the se****.txt which looks like a password but no username works. I thought the user Fl**** would work but no. Admin no. Used cewl with burp suite and nothing could get in. I’m not seeing something thats probably obvious. Can’t get in to either login page. Tried hydra on port 22 with what I found and my cewl list and still no dice. PM appreciated.

@paddy said:
■■■■, I feel like an idiot. I can’t even get past the login page. Found the se****.txt which looks like a password but no username works. I thought the user Fl**** would work but no. Admin no. Used cewl with burp suite and nothing could get in. I’m not seeing something thats probably obvious. Can’t get in to either login page. Tried hydra on port 22 with what I found and my cewl list and still no dice. PM appreciated.

are you sure you have the actual password?