Curling

Hi Guys, I got user, but i’m pretty new at priveesc. All hints super appreciated :+1:

Finally completed the box. Thank you @L4mpje :+1: learned a lots of basic stuff to complete the box, never used those command like this before :slight_smile:

Got root!!! hostname is key to get root. :wink:

Obtained the root flag finally. Thanks to @iphkvm for the help!

I have also rooted Irked, what box if recommended next for a beginner?

I got user but I’m stuck on root. I see that the key it’s either c*** or w**** but nothing I try works. Can I get a hint from anyone?

Hi guys, can someone hint me?
I found the pb file but i’m stuck deciphering, someone can PM me ?

I got User. Thank you Marvin for you hint !

Hey guys,

Trying to solve my first machine here. Managed o get a shell as www-data. Found three files user.txt, a***-a***, p*******_b*****. No clue how to move ahead from here. cant read user.txt. Could someone help or give and hint on how work on p*******_b*****.
P.S : newbie here.
Thanks.

@WickSec said:
I got user but I’m stuck on root. I see that the key it’s either c*** or w**** but nothing I try works. Can I get a hint from anyone?

try looking at the enumeration result carefully …
anything out of the ordinary …check it out
Also there is a reason why the box is named CURLing

Hi guys, so this is my second box in HTB. I’ve got user, and i see two files in the a****-area, but i am not sure how to check which program is updating them, can anyone give me a hint please? Thanks!

Edit: got root txt, thanks everyone for the hint!

Read the comment above yours

got root.txt ,
but stilll dont know how to get root shell, please PM me if someone get root shell already.

EDITED: now got the root shell, thank you.

feel free to PM me if need a hand

Tried scanning with joomscan, joomlavs, nmap… browsed directories as a result of joomscan… got the username too on blog i.e. F***** ,saw s*****.*** on the page source at the bottom of page. tried many combinations of usernames and password but unable to access. first time trying on joomla… also people commenting overthewire level 12, i have completed it upto level 20 or something so that would be easy then. please help , message me.

Hey all, I have a reverse shell as w**-d***. I see the p*******_b***** file. I ran “file” on it, looked up the magic bytes. File says it is a**i, and the magic bytes says b2. I’m stuck at figuring this file out. Can someone PM me with a hint or point me in the right direction? Thanks!

@RagsFTW try to fix the file with its extension b**2 by using xxd with the right option

@nadia said:
@RagsFTW try to fix the file with its extension b**2 by using xxd with the right option

Got it! Thanks! On to root…

Hello. Please help on on curl options. I’ve got user fl___s creds, ssh’d to the machine, enumerated the a****-*a and found how the two files are being constantly edited, but I’m not sure how to get cl to work the way I want it to. Please DM me. Thanks

Yezus, stop overwriting the index.php with upload … rly just create some another page…

root

already got the user.txt but still don’t know how to priv esc. a bit lost with the a—n-a–a, the two files there and the whole curling. PM with hints on priv esc are appreciated.

i am noob trying hard since 24 hour lol get user but now stuck in root but i will get it thanks for hints guys this machine explode my brain

Just want to thanks htb and maker of this machine i learn lot from this machine

Got root