Vault

1568101113

Comments

  • edited November 2018

    I got the root.txt too by simple file decryption... seemed wrong.. but hey.. you don't know what you're gonna get when you start a box..

    edit
    bah.. after a reset the file is no longer there so I profited from someone else's hard work.. oh well...

  • edited November 2018

    i dont know what am i doing wrong...i can upload certain file but it cant get executed on the server as intended.i am not able to get reverse connection ....can anyone help me?
    Edit:got it.Thanks to forum peoples and al those who were kind to me.

  • Finally got root flag after feeling suffer thanx alot to @Samsara @T3jv1l @tekcap , all of you awesome

    banteng999

  • Any tunneling required after got the root of the D** server? May I have some hints of how to get into vault?

    I did see some useful command (i.e. n*** ) in the log. However, no idea how to use it in order to get into vault.

    Please give me some directions

    Thx.
  • > @TAPE said:
    > I got the root.txt too by simple file decryption... seemed wrong.. but hey.. you don't know what you're gonna get when you start a box..
    >
    > edit
    > bah.. after a reset the file is no longer there so I profited from someone else's hard work.. oh well...

    You got jackpot dude, LoL

    banteng999

  • @sayyeah said:
    Any tunneling required after got the root of the D** server? May I have some hints of how to get into vault?

    I did see some useful command (i.e. n*** ) in the log. However, no idea how to use it in order to get into vault.

    Please give me some directions

    Thx.

    +1

  • edited November 2018

    You need N*** because , if you don't know where you are going , how are you going to get there ? Suggest you look up the different applications for N*** and different types of ways it can look for what you need given your current topology

    Hack The Box

  • @TAPE said:
    I got the root.txt too by simple file decryption... seemed wrong.. but hey.. you don't know what you're gonna get when you start a box..

    edit
    bah.. after a reset the file is no longer there so I profited from someone else's hard work.. oh well...

    VIP or free ? Wondering if it was me coz I remember resetting the box when I was done .

    Hack The Box

  • @An0maly said:
    You need N*** because , if you don't know where you are going , how are you going to get there ? Suggest you look up the different applications for N*** and different types of ways it can look for what you need given your current topology

    I don't get it.. I have the IP of vault, i know that 192.......5 is interfering the traffic. Still i can't find my way into vault whatever proxy and command i use. I am totally lost here..

  • @jodjod said:

    @An0maly said:
    You need N*** because , if you don't know where you are going , how are you going to get there ? Suggest you look up the different applications for N*** and different types of ways it can look for what you need given your current topology

    I don't get it.. I have the IP of vault, i know that 192.......5 is interfering the traffic. Still i can't find my way into vault whatever proxy and command i use. I am totally lost here..

    Thats why you need to laern more about N**** :wink:

    Hack The Box

  • @An0maly said:

    @jodjod said:

    @An0maly said:
    You need N*** because , if you don't know where you are going , how are you going to get there ? Suggest you look up the different applications for N*** and different types of ways it can look for what you need given your current topology

    I don't get it.. I have the IP of vault, i know that 192.......5 is interfering the traffic. Still i can't find my way into vault whatever proxy and command i use. I am totally lost here..

    Thats why you need to laern more about N**** :wink:

    Hi there,

    Thx for your help. I am thinking whther we are referring different N***. What I am referring is Nc** but not Na** =). I also saw the log related to Na** in the log and figured out only one service can get response from Vault. However, I have no idea how to use Nc** to connect the vault, could you please give me a direction?

    Cheers.

  • Hi all, enjoying this box however stuck on the O*****v*n configurator, can i use the upload functionality the get a shell ive been trying using "up" however i believe it needs a successful TUN connection to run? any nudge in the right direction would be greatly appreciated

  • edited November 2018

    After getting access to D** i can ping vault, i also runned nmap and found out two ports, but they are closed! Dm me any hints! Thnx!

    Edit: Rooted!

  • i think this box is broken, no arp for firewall ip now??

  • @badman89 said:
    i think this box is broken, no arp for firewall ip now??

    edit: nvm just being impatient

  • Feel free to PM me if you are running into issues.

  • edited November 2018

    Could anyone help on the o*** file syntax?
    I'm really lost trying to make it work for a few hours already.

    I writed on it a couple of times and now I can't write anymore, only timeouts.

  • I've got shell on D**, got some creds and see user.txt file which is empty. Not sure if that meant to be like that? Before I revert and pi** anyone off, so I would check in to see if this is meant to be the case. Thanks guys

    GreysMatter

  • jkrjkr
    edited December 2018

    As d*** on D** you should have a user.txt. There is an empty one (probably) at the place where you found some credentials, though.

  • I was root. Got it now. Thought I did a "find /" ... perhaps not. Cheers bud. I hate reverting and spoiling for anyone.

    GreysMatter

  • I need some hints , anyone PM me :anguished:

  • edited December 2018

    I an on D**, and I am completely flummoxed as to how to get over to V****. I see the two closed ports. Anyone feel like DMing me a pointer or two? I'm out of ideas.

    EDIT 1: Taking a closer look at a certain log file...

    EDIT 2: Ooooh! It looks like I connected... Which is strange since I tried using a similar thing with nmap earlier with no success.

    EDIT 3: Yep, I'm in. All the info you need is indeed in the logs not necessarily in the user directories or anything.

  • The box is fun. I especially like the "box in a box" concept.
    But I wonder about getting root.txt: I found it without being root on Vault, even after reset. I assume this is the intended way but would like to know if someone was able to get root on the box, or if I was just lucky (at least 2 times ;)

  • I've some trouble with shell upload, i try some way ... if i upload wrong file i've got error message, but if i try other the page is like stuck without any message, is it normal?

    Non nobis Domine, non nobis, sed nomini tuo da gloriam

  • edited December 2018

    edit: rooted
    This thread is full of hints already, but giving my two cents:
    User: Up to the first reverse shell it's really straightforward. You then start enumerating everything, you'll find your way. Read the files and learn lateral movement.

    Root: Easier to find, trickier to get. You'll need to research and to pay more attention to details. One hint is to write down everything you find since the beginning, you never know when or how you might need it.

  • I'm root on D**........cannot find any root.txt.......any hint???

  • > @BlackArrow said:
    > I'm root on D**........cannot find any root.txt.......any hint???

    You have got another box to go yet...
  • edited December 2018

    fucking awesome box again. Was funny but I don't want to see it again!!!!.

    My hints:

    User: don't overthing as did. enumerate file uploads extension. Read this article https://netsec.ws/?p=278 (file free to report if it was a spoil). If you find other service just enumerate again (from the beginning like a new machine), but don't touch too much or you will lose the information. Be Fucking happy

    Root: everything here, so follow instuction. Read the logs, read everything. Copy and paste in a smart way. At this point you are close, all you need is in initial machine. And again be fucking happy

    Feel free to report spoil

  • got root thanks @CHUCHO for the hints on tunneling!!!

    Hack The Box

  • @IteXss said:
    got root thanks @CHUCHO for the hints on tunneling!!!

    ssh tunneling not working here...damn my syntax

Sign In to comment.