Hawk

1121314151618»

Comments

  • Got root today.
    Interesting machine.

  • edited November 2018

    Got user, enjoyed this box - onto root
    If you'd like any pointers drop me a message

    Edit: rooted! Learned a lot from this box - definitely a fun one

  • Got root today, thanks to xeto and ikuamike for the help. You can ping me for help!

  • ive got user access, and im able to sign into locally running service but i cant seem to figure out PrivEsc to save my life. any hints to save my sanity would be much appreciated

  • nice. got root. had alot of trouble with the .b**** file. i managed to get it but still would like to better understand what happened and how i can approach such things in the future.

    root was easy for me as i had everything i needed already because i tried exploiting exactly that for initial foothold and failed. very fun setup i learned alot form this.

  • I'm at the initial file decryption stage. I know the tool that was used, and I can script up iterating through passwords. My question is on the algorithm. Am I supposed to iterate through that too, or is there a hint somewhere else that is publicly accessible on this box as to what algorithm was used?

  • So I ran through a script with rockyou and a particular algorithm. I got a password that did not throw a "bad decrypt" error, but I still have gibberish. I've seen all "digest" hints, and I know vaguely what those are referring to. But as I understand it, those are one-way mathematical functions that cannot be reversed. So, I'm not sure how to apply that to this process.

    Any help would be greatly appreciated. Cryptography has never been my strong suit.

  • Can anyone give a nudge for root?

    gwizwold

  • So I found out that openssl will "decrypt" this file with more than one password. Meaning, depending on the algorithm and the password chosen, you won't get a decrypt error. But, if you have the wrong algorithm, the file is still gibberish.

  • Any help for decrypting the famous file will be gladly appreciated.

    Hack The Box

  • Any hints for privesc ? I can visit the page of H2 console. But no idea how to login.

  • @73rry said:
    Any hints for privesc ? I can visit the page of H2 console. But no idea how to login.

    I'll PM you.

    clamington

  • @Gwizwold said:
    Can anyone give a nudge for root?

    is there anything running as root?

  • After a careful search I found the file, but now I have a problem with the decryption.
    I always get bad magic number, is the wrong version of the tool?

    Non nobis Domine, non nobis, sed nomini tuo da gloriam

  • @cyberdog2099 said:
    After a careful search I found the file, but now I have a problem with the decryption.
    I always get bad magic number, is the wrong version of the tool?

    You're on the right track, check your tool syntax/options

  • Yeah, with some tips i've reached the user! A little step little to the root

    Non nobis Domine, non nobis, sed nomini tuo da gloriam

  • If anyone can help with the escalation from w************a to d***** I'll really appreciate it. Been stuck for a long time looking for anything.

    Hack The Box

  • Is anyone able to PM me a hint? I'm very close I think.

    I have user access, did the poison type thing to get access to the console but have no credentials. I've found a couple of scripts that look useful even without creds, but I cannot get them to run properly.

  • @lichshot said:
    If anyone can help with the escalation from w************a to d***** I'll really appreciate it. Been stuck for a long time looking for anything.

    Never mind. I rooted it, amazing machine.

    Hack The Box

  • how to brute-force password of this encyrpted file?I found a code called "bruteforce-salted-openssl" but something wrong about files,cause imossible to instal it.
    Any hint will be appreciated.

    Thanks

  • @Tugzen said:
    how to brute-force password of this encyrpted file?I found a code called "bruteforce-salted-openssl" but something wrong about files,cause imossible to instal it.
    Any hint will be appreciated.

    Thanks

    yea i also got that script on github but i was not able to install it and stuck on that "MAKE INSTALL" part, so i found another solution to do that thing
    don't do that PM me i got solution :)


    Leaning From Cracking......

  • edited November 2018

    hey all, so I've got the .enc file and successfully got the contents from that, but I'm at a loss for where to go next. I keep seeing the portal, but I have no idea where to go, anyone DM me some pointers?

    Edit: rooted. Thanks all for the portal help.

  • edited November 2018

    edit: Owned.

    Really fun box.
    I got "the" file seconds after seeing my nmap results. But I spent a whole day studying on how to deal with it. Worth it at the end.

    Privesc was really nice and simpler than it looks. You just need to study quite a bit on what's running.

  • Okay it seems that one possible way to get the user.txt is to work with a reverse shell. I have a theory but am struggling to implement correctly. If somebody could PM me so I dont give what little I know away in the event that I'm moving in the right direction, I would be very grateful. Thankyou ahead of time!

  • can someone PM me from where to start ??

  • I could login to portal but don't know what to do.I couldn't find any place to upload a file or any .php file to edit for a reverse shell.

    I need some hints please!

    Thanks

  • I lloked for every conf files but still couldn't password for Da***l.Can you please sent me PM for hint please?

    Thanks

  • I try to find some clue from running process... need some tips

    Non nobis Domine, non nobis, sed nomini tuo da gloriam

Sign In to comment.