Bashed

@likwidsec said:

@Pomme said:
Same, could really use a fresh hint…

A “fresh” hint? Lol the box has been out for barely a week - and everything you need to solve it is in this thread… What more “hint” could you need?

I’ve never ever done any priv esc before, I’m very much a beginner at this, but hey, I hear you, I think I just gotta read more and more about priv esc

Will try again and again until I succeed :wink:

@BROX said:
There’s multiple ways to root this box. Personally, I would suggest avoiding the method that requires multiple resets and a lot of luck as you will get frustrated/annoy others working on the box and won’t learn anything of value.

Scripts like LinEnum are great, but it’s always worth poking around manually checking file/folder contents too.

Thanks for the answer. It is very helpfull to me) I am a newbie in this playground) But it is very cool) Very realistic boxes ))

@likwidsec said:

@Pomme said:
Same, could really use a fresh hint…

A “fresh” hint? Lol the box has been out for barely a week - and everything you need to solve it is in this thread… What more “hint” could you need?

We all started somewhere man…Just because you found it obvious doesn’t mean a lot of people did.

little hint for priv esc

It’s like watching an AngryJoeShow video review :smiley:

I’d love to have access to a sub-forum for each box, password protected by the root flag, then we could discuss why certain things wouldn’t work that under different circumstances would of, it’s just a thought…

@Saoirse said:
It’s like watching an AngryJoeShow video review :smiley:

I’d love to have access to a sub-forum for each box, password protected by the root flag, then we could discuss why certain things wouldn’t work that under different circumstances would of, it’s just a thought…

That sounds like an awesome idea to me…would also help people like me learn different approaches you can take.

@TheRealHooz said:

@Saoirse said:
It’s like watching an AngryJoeShow video review :smiley:

I’d love to have access to a sub-forum for each box, password protected by the root flag, then we could discuss why certain things wouldn’t work that under different circumstances would of, it’s just a thought…

That sounds like an awesome idea to me…would also help people like me learn different approaches you can take.

Yeah, I like this idea. A section to share solutions and idea… I think that it could be implemented in the htb home (where there are the active machines). After you get root flag you are able to read solutions. You can comment, compare etc…

@Saoirse said:
It’s like watching an AngryJoeShow video review :smiley:

I’d love to have access to a sub-forum for each box, password protected by the root flag, then we could discuss why certain things wouldn’t work that under different circumstances would of, it’s just a thought…

Neat idea!

@r7f5 said:

@TheRealHooz said:

@Saoirse said:
It’s like watching an AngryJoeShow video review :smiley:

I’d love to have access to a sub-forum for each box, password protected by the root flag, then we could discuss why certain things wouldn’t work that under different circumstances would of, it’s just a thought…

That sounds like an awesome idea to me…would also help people like me learn different approaches you can take.

Yeah, I like this idea. A section to share solutions and idea… I think that it could be implemented in the htb home (where there are the active machines). After you get root flag you are able to read solutions. You can comment, compare etc…

I think that’s a great idea

@Pomme said:

@likwidsec said:

@Pomme said:
Same, could really use a fresh hint…

A “fresh” hint? Lol the box has been out for barely a week - and everything you need to solve it is in this thread… What more “hint” could you need?

I’ve never ever done any priv esc before, I’m very much a beginner at this, but hey, I hear you, I think I just gotta read more and more about priv esc

Will try again and again until I succeed :wink:

The missing pieces to privesc’ing this box are probably staring at you (it was for me) I didn’t see it at first with all the machine resets and those resets cause me to go down a dark and unnecessary rabbit hole. I reached out to someone and was thankfully told to try harder and look at the basics. Once you ‘see’ it you can privesc with very minimal effort (read: you don’t have to crash the box).

g0tm1lk’s basic linux priv esc guide is a great resource for beginners (and this machine)

Here’s the deal, when you can point out exactly what exactly the process of understating your LinEnum.sh scripts or bat scripts mean, then you haven’t earned the right to admonish people, they’re, I’am, just trying to learn, this is unhealthy, that’s not natural the way you people have been taught, it’s unacceptable , albeit from the OSCP it’s oddly acceptable, doesn’t make it alright, I quit…

@Saoirse said:
Here’s the deal, when you can point out exactly what exactly the process of understating your LinEnum.sh scripts or bat scripts mean, then you haven’t earned the right to admonish people, they’re, I’am, just trying to learn, this is unhealthy, that’s not natural the way you people have been taught, it’s unacceptable , albeit from the OSCP it’s oddly acceptable, doesn’t make it alright, I quit…

dont worry

I have to be blind, coz i only see a few things, try some others, but anyhow stuck XD

Any hints on how to privesc this box?

I have the best one: Enum and try harder.

So that was it, just a pair of bigger glasses to get root

@Saoirse said:
It’s like watching an AngryJoeShow video review :smiley:

I’d love to have access to a sub-forum for each box, password protected by the root flag, then we could discuss why certain things wouldn’t work that under different circumstances would of, it’s just a thought…

This is an awesome idea!! Would love to see it implemented if possible!!

Surprised at how long it took to get root; mainly due to poor attention to detail.

That said, it was not as straight forward as the ratings would suggest. Expect a number of distinct actions and pay close attention to the details of important files/directories.

Enjoy!

i am using the basic priv esc cheat sheet from got milk. I still cant see the way to move from www-data to priv user. please any suggestion other than try harder will help! I have been enumerating for days and i just cat see the way.

There is a way of reading the file you need… without being root