Access

after 2 days i rooted…
Thanks you i learn a lot

Can I get a PM? So far I’ve found open ports using n*** got into the f** server and retrieved m** file and AC file which is pass protected. I ran a s****** command on the m** and got a list of words. I’ve also taken another step to do a hexd on the m** file. I’m positive that the password within that file but can’t seem to find it. Any help would be greatly appreciated. This is my first HTB and so far its quite a good one. Thanks!

My first user!! I am so Happy, learned A LOT these days! Thank you @egre55
Now I have no idea where to start to get root but I am gonna try my best.
I am a beginner on this so, if anyone is also starting PM me and I will do my best to help you :slight_smile:

I just got user! Woot! Time to perform privesc… first HTB so far I’m learning alot from just this box.

plz i get into that f… . but i cant download the file from Engi… folder. plz HELP

Could I get some help in a pm? Working on getting root.txt don’t think I need privesc to get it. I tried using r**** with the correct parameters to t*** the contents into a new file…

Type your comment> @luckythandel said:

plz i get into that f… . but i cant download the file from Engi… folder. plz HELP

try a different download mode

Finally got Root! Awesome box @egre55

Great box @egre55 also got root!
And for those struggling to read the root.txt file: p******** > c**

It was my first box so, if someone (beginner or not) need some help, just PM me :smiley:

Finally got root!
User was anoying, i had trouble getting the file without “corruption”… Hope this is not a spoiler but… think “binary” :smiley:

Has for root… i found it pretty easy once i found the hint in the desktop… Having a windows VM helps a lot!!

I cannot get this r**** command to work at all! even after finding the hint and trying so many iterations of the command! can someone PM with some help? I can show you the command I was trying, thank you for the help!

ROOTED!!! Literally spent all day on this, but pfew!! Time for beer.

I actually got a root shell on this (well, Administrator) and way WAY easier than just trying to read the file IMO.

Tip for root: utilize the r**** to execute another program on windows that can then in turn execute a one liner script to grant shell access. Ippsec’s Optimum video helped me here.

Can someone PLEASE PM me about their methodology for getting root? I’ve got it, but I need to understand WTF would lead me there. Am I just supposed to try that command as a one-off in case an admin got lazy? Or did I miss something during enumeration that would lead me to believe that the Admin got lazy?

I’d be willing to know what to do with root.txt. I just have the admin user not the system user which might be why, something else is going on I’m assuming other than just permissions for this file… Ah, I wish all boxes could be linux lol

any hints what to do with .pst file after unzip the file stuck there

@lduros said:
I’d be willing to know what to do with root.txt. I just have the admin user not the system user which might be why, something else is going on I’m assuming other than just permissions for this file… Ah, I wish all boxes could be linux lol

Nevermind, figured it out, was using the wrong flag on r**** preventing me from getting the root.txt.

Ok so this is my first box, I got user a few days ago but haven’t managed to figure out how to get root, any help would be much appreciated or directions to some material where I can learn about what to do. thanking you!

when I log in as anon to f** and ls my session is stuck at “150 opening ASCII mode data connection” any suggestions on how to fix this?

USER:
To get the user the main advice is to be aware of the output of the commands you make. If your files are corrupt (100%) it is because you do not pay attention to the commands’ warnings.
ROOT:
Look all the users directories, u will find a interesting command that u need to use. Obtain a shell and download the file that u need. Thats all.
GOOD LUCK

It’s my first box which I try. Found f** got m** and A*****.z** via b***** mode, so they dont get corrupted. Found some credentials inside m**, but they don’t seem to work.
Can I DM someone to get a little hint and see if the credentials are the correct one?