Irked

1356729

Comments

  • @devanshll said:
    feeling a moron atm, i know should be easy to understand this b***** file, but i just cant get it

    Ever done any challenges on here?

    --Skunkfoot

  • Got root, was definitely overthinking it. Was anyone able to get a root shell? Gave up on cracking the hash after getting the flag..

  • edited November 2018

    i need nudge for user, there some things i see on the file but still blank maybe im overlooking, a pm would come handy =]

  • @th1rtytw0 said:
    Got root, was definitely overthinking it. Was anyone able to get a root shell? Gave up on cracking the hash after getting the flag..

    Yeah, I'm wondering how you did it if all you did was read the file, a shell is pretty simple to get. PM me and we can discuss.

    --Skunkfoot

  • cbxcbx
    edited November 2018

    I'm still in low priv, trying to get user and I've just found a file-pass that it is suppose to be from the user, damm dj, but when I try to connect doesn't work.
    I'm wondering if I'm doing something wrong... spending hours here trying to figure out.

  • Can you guys stop trying to dirty cow this box. It's not the solution

    drywaterv2

  • @cbx said:
    I'm still in low priv, trying to get user and I've just found a file-pass that it is suppose to be from the user, damm dj, but when I try to connect doesn't work.
    I'm wondering if I'm doing something wrong... spending hours here trying to figure out.

    That's not the actual password. Read above it. For what could it possibly be? :wink:

    drywaterv2

  • My fastest rooted machine until nowadays.

    • For the first entry is quite easy as has being said.
    • Once inside you can use a basic privesc method through some file that allows you to do whatever you want. It's not necessary to get user in order to get root.
  • @cbx said:
    I'm still in low priv, trying to get user and I've just found a file-pass that it is suppose to be from the user, damm dj, but when I try to connect doesn't work.
    I'm wondering if I'm doing something wrong... spending hours here trying to figure out.

    PM me. You are on the wrong track buddy

    Baikuya
    OSCP

  • Can anyone give me a hint for the initial foothold I think I have enumerated all ports etc but can't find anything to get a foothold (I think I know what should be running based on the hints given but it doesn't seem to be running?).

  • @nawespet said:
    Can anyone give me a hint for the initial foothold I think I have enumerated all ports etc but can't find anything to get a foothold (I think I know what should be running based on the hints given but it doesn't seem to be running?).

    Enumerate ALL again :-)

  • got root, thanks to @testacc22 for the hint on user, that was way harder than root.. got confused and deep in a rabbit hole because of a previous chall but each day learning something new right? about root, that was REALLY easy

  • edited November 2018

    If you're not getting privesc while reading these "it was so easy!" posts then you (like me) are not familiar with every nuanced linux command.

    Do your normal privesc routine. One of the steps will create a list of things. To help figure this out, compare your own system's list with the list you get from this box. One of these things is not like the other. If you try to run it, does it work?

    Additionally, while some people on here are complaining about CTF-style box, you don't need to use it. It's kind of a functional rabbit hole, but again, not necessary for a root shell (I feel like that's an important distinction since a lot of people on here think getting root.txt is getting "root". It's not, even though some systems on HTB will only let you read the file but not get a shell).

  • Interesting machine.... Taught myself a lesson of not over complicating things (for both user and root) and stick to the basics... Very easy to over look things if you arent being thorough.

  • Good box) easy

    n01n02h

  • @drywaterv2 said:
    Can you guys stop trying to dirty cow this box. It's not the solution

    This. Seriously. (Though, I have to admit, I was guilty of this as well at first.) But when you think about it, this is a 20 point box, no one in their right mind would make you resort to Dirty Cow on a 20 freaking point box.

    BoxingOctopus

    "To secure ourselves against defeat lies in our own hands, but the opportunity of defeating the enemy is provided by the enemy himself." -- Sun Tzu, The Art of War, 4:2

  • @Skunkfoot said:

    @devanshll said:
    feeling a moron atm, i know should be easy to understand this b***** file, but i just cant get it

    Ever done any challenges on here?

    This is a pretty big hint. And if you HAVEN'T done the Stego challenge track on here, I highly recommend it. Doing a couple of these SHOULD arm you with enough knowledge on how to get the creds for the unprivileged user account on this box.

    BoxingOctopus

    "To secure ourselves against defeat lies in our own hands, but the opportunity of defeating the enemy is provided by the enemy himself." -- Sun Tzu, The Art of War, 4:2

  • @nawespet said:
    Can anyone give me a hint for the initial foothold I think I have enumerated all ports etc but can't find anything to get a foothold (I think I know what should be running based on the hints given but it doesn't seem to be running?).

    There's one service on here which you SHOULD find some interesting info on if you do a quick Exploit-DB search.

    BoxingOctopus

    "To secure ourselves against defeat lies in our own hands, but the opportunity of defeating the enemy is provided by the enemy himself." -- Sun Tzu, The Art of War, 4:2

  • @snowman418 said:
    If you're not getting privesc while reading these "it was so easy!" posts then you (like me) are not familiar with every nuanced linux command.

    Do your normal privesc routine. One of the steps will create a list of things. To help figure this out, compare your own system's list with the list you get from this box. One of these things is not like the other. If you try to run it, does it work?

    Additionally, while some people on here are complaining about CTF-style box, you don't need to use it. It's kind of a functional rabbit hole, but again, not necessary for a root shell (I feel like that's an important distinction since a lot of people on here think getting root.txt is getting "root". It's not, even though some systems on HTB will only let you read the file but not get a shell).

    To be fair, there was a recent box like this, but that box DID have a path to root shell as well though.

    BoxingOctopus

    "To secure ourselves against defeat lies in our own hands, but the opportunity of defeating the enemy is provided by the enemy himself." -- Sun Tzu, The Art of War, 4:2

  • Got user.

    Initial foothold I'd say is easier than the Jerry box. Enumerate every port. Its obvious when you see it, then use google

    User - Its so dam obvious its hidden in plan sight ! < yes that is a slight hint

    Now onto root !

    ZaphodBB

  • Getting root is not THAT easy, but teaches humility and sticking to basics, reading every line of that output... When you notice it, then it's getting obvious. Thanks for help to @marine, and couple of discord users on hints where to look.

  • @nawaronin said:
    Getting root is not THAT easy, but teaches humility and sticking to basics, reading every line of that output... When you notice it, then it's getting obvious. Thanks for help to @marine, and couple of discord users on hints where to look.

    If you test it by trying to run it with parameters, it might give you a more specific error that would make things easier than reading through the code (unless that was just something random that happened to me)

    --Skunkfoot

  • Rooted :)
    As always, any queries drop me a message

  • Thanks @BoxingOctopus found it, service keeps going down on this machine. Can anyone give a hint on what to do with .b***** file..... I've researched what it is and I know what it is refering to but can't seem to figure out how to get password from it...

  • @nawespet said:
    Thanks @BoxingOctopus found it, service keeps going down on this machine. Can anyone give a hint on what to do with .b***** file..... I've researched what it is and I know what it is refering to but can't seem to figure out how to get password from it...

    Everything is in front of you. Just relate and combine. Any more than this will be a spoiler :smile:

    Draco123

  • Got root (shell and file). I found the privesc method a few hours ago, but it took me a while to figure out how to use it. I just kept getting denied over and over again.

    Good stuff. PM me if you need hints, though you won't get a response tonight. I'm going to bed. :)

  • Got root, thx help from @marine, @Ahm3dH3sham and @Xavierif!!

  • I just got root, but I think someone left a file there that helped me a lot. Haha. Anyway... don't really know if it was there when I was enumerating before. If not, I want to learn how to do it properly. PM anyone?

  • edited November 2018

    Easy if you have a bit of experience. If you don't, this will be a good box to work out the basic approach. User slaps you in the face and root is basic recon plus looking at your results carefully. If you don't think you have the tools for recon or exfil, then go get them (it's just a google and an apt-get away).

    LegendarySpork

    my badge doesn't work, click on my profile if you want rank and stuff

    LegendarySpork

  • @Skunkfoot I meant the output of the system enumeration, that I didn't read carefully. I was expecting something that will stick out with a crazy name. Instead, I was looking at that file like 3 times, and dismissed it like "nah, that's not it, that's probably some htb process". Oh boy, how was I wrong.

Sign In to comment.