SecNotes

Is anyone having trouble keeping a session up for more than 30 seconds?

stuck at S**i, would appreciate a nudge. :astonished:
EDIT1: got it
EDIT2: rooted. interesting privesc :lol:

I can use some help guys :slight_smile:
Can someone pm me ?

Rooted !! well that really was not the priv esc i initially assumed it to be … but a fun box

someone can send me some clues ? im blocked, this is my second machine :expressionless:
no spoiler, i find one thing usefull ma i dont know how can i use it

Finally rooted!! That privesc concept was pretty cool, but i totally made it harder on myself with rabbit holes.

Well… Im feeling kind a dumb, but im not able to manage where to start the injection I tried in all pages… :scream:

Rooted finally. Special thanks to @sanre and @PercyJackson35!

@dplastico said:
Well… Im feeling kind a dumb, but im not able to manage where to start the injection I tried in all pages… :scream:

same :confused: I’m using htb to learn so I don’t know a whole lot. s****p doesn’t work and any s**i returns 500. I feel really stuck. Can anyone give me a nudge?

Rooted, thanks to the creator. Fun box.

@eXz said:
Also stuck, any SQL injections keep returning 500 error. Not sure how to get initial foothold would appreciate any hints.

im on the same, maybe is something very odd but I tried all fields also tried the 2nd lvl atack but getting the same error 500

Finally box rooted, it was really cool. At the beginning I lost a lot of time in the first steps, but when I saw the obvious things, it was possible to continue the way.

Good luck to anyone and anything can send me PM

I solved that part but now i dunno what to do. the files keep changing even after a reset? is this intended behaviour?

I am seriously stuck on this :frowning: Mas***n doesnt work and nmap takes too long. I cannot find another open port. Please PM me
EDIT: does nmap take that long on everyone elses pc or is it just me?
EDIT 2: Got user!

got root! pm me for hints, I won’t give you the solution!

Hey, I’m able to execute individual commands, but I’m stuck on getting a reverse shell that doesn’t immediately die. Could someone PM me with some hints to move forward?

Hey did anyone else experience problems when trying to connect to c$ with the right password? pls PM
EDIT: I was just being really stupid. Got root!

would someone please pm me with regards to privesc? I believe I have found a way to run commands that would usually not work on a windows box (which I think is the right direction) but I think my syntax or my shell is not good enough to actually have them run on the machine… can explain more in a pm

I’ve found user and managed to setup a stable reverse shell. I’ve found a couple interesting things that feel unusual. However they don’t seem to help me any further towards root. I think I can’t mention my findings here without possibly spoiling something so I would appreciate it if someone could DM me and perhaps help me get to the next step.

Someone willing to DM me on initial??? i’ve injected the sh* out of this thing to no avail… no weird 500 errors or anything… also got mixed results on different runs of the tool.