Irked

12324252628

Comments

  • This box definitely took me a long time to get... But still very new to the hacking world, so learnt a crazy amount with just this one box. Finally managed to get root, but also didn't understand the b****** part. I found it and read it, but didn't see the connection. Makes it more annoying when all the comments say "its right in front of you" but you just cant get it... A PM about it would be great please. Want to see what i missed in prep for other boxes.

    Thanks to everyone in the comments though. The subtle nudges here and there really helped!

  • After hard boxes like BigHead and HackBack, hacking this machine is pretty easy and pleasant leisure. It would be a mistake to miss this box. Catch the time to hack it before it retired.

    It was really pleasant for me to pass it again although I already passed it a long time ago.
    Like traveling in the past, when I thought that Irked was a hard challenge.

    tabacci

  • Found the user.txt file have no clue how to read that, can someone give me a little tip?

    Hack The Box

  • Alright, I hate asking for help, but i cannot figure out how to get root. I think i'm close to root, but i just can't manage to escalate my permissions. i managed to figure out the user.txt. Can someone nudge me in the right direction for root?

  • edited April 2019

    I have low priv shell, user.txt, b***** file and I have read a lot of steg stuff, I have checked all the challenges, next step is to buy a Desert Eagle .50, it was a pleasure guys LOL

    Edit: I also realize in b***** file the K***** code but nothing to do with that, not in the web at least.

    2nd edit: got user :)

  • Have the user SSH access. Anyone have some hints about proper method of privilege escalation ?

    Summa scientia, nihil scire.

  • priv esc hints anyone?? I might have tried most methods i guess ;_;

  • Nevermind, I just rooted this baby :)

    And only with one small hint from https://forum.hackthebox.eu/profile/c0nsp3rator

    Summa scientia, nihil scire.

  • Struggling to solve the steg part. I was learning about steg a while ago but appear to have forgotten nearly everything. I think I've pull some info but unsure how to use, so far all attempts to use where I think it should be used have failed.

    Largoat

  • edited April 2019

    May I ask what is the proper way to do a full port scan on HTB machines? Every time I did it, it took forever and never finished.

  • Any hint to get root?

  • Got User.
    Any advice for the privesc? Anyone want to PM me more 'specific' hints, this is my first privesc.

  • Complicated box for me, but hey I'm root, google was very help for me :smile:

    gndux

  • edited April 2019

    Hey Guys, Any help to get root would be appreciated. This is my first box on here and I was able to enumerate and find file which led me to getting the user.txt file. Afterwards I review the process and try a few basic escalation techniques which didn't workout. I than ran a another enumeration tool and I believe I know the exploit to get root but for some reason any variant isn't working. Any thoughts on it, It almost annoying like a C0w that out of milk.

  • Guys, I need a help with root, I can't figure out which binary with suid use, any advice ?

  • @giggi0x00 look deeper into those SUID's, look for something you might be able to control within them

  • edited April 2019

    Awesome beginner machine. Really good for those getting used to pentesting and a little fun CTF type challenge for user

    Foothold: Enumerate! You don't need anything besides nmap and msfconsole

    User: a CTF like challenge. Find the first piece of the puzzle doing basic enumeration of files and directories and then the second piece is just thinking about what you may have seen already if you visited the ports from nmap.

    Root: This part is really trivial, although remember the machine is called Irked for a reason, so what is needed for doing the privesc maybe hiding in plain site, just think of the normal privesc methods (cron jobs, PATH, setuid, kernel, sudo rights) and go through them. HINT: you don't need a kernel exploit here.

    So far this is my favorite 'beginner' box that I've done.

    Hack The Box

  • found the .b***** file and the k code inside but no clue what to do with it. Any help would be greatly appreciated. thanks

  • @goetia said:

    found the .b***** file and the k code inside but no clue what to do with it. Any help would be greatly appreciated. thanks

    The first line has the hint what you need to do.

  • Got it! thanks, a little patience goes a long way. On to root now.

  • Rooted
    Fun box, learned a few things. Thanks to Lewis1991 for great hints.

  • Ok, I hit a wall. I am positive is have the binary needed for priv esc. However, I am not entirely sure what to do with it. I can run it, but the output is not that helpful.

    Any PM with guidance would be much appreciated.

  • @bu77er0verfl0w Finally got root. Thanks alot for that general tip. @dolphoneman I would read and go back through some of the basics. If you believe you found an binary, Do some digging, you should know what to do it.

  • I got user flag easily, but now I am stuck on the root flag despite all the hints.
    I found the v******r binary, but I don't know how to use it.

    PM me please!

    Thanks

    Agostinelli

  • Everyone was right about root.txt. It is right in your face. Just run it and see the output. User.txt was a little harder, but focus on the stego. IppSec has a great video on this (10/10). Great job @MrAgent!

    I have definitely learned a lot with this box.

  • Type your comment> @osmus said:

    Everyone was right about root.txt. It is right in your face. Just run it and see the output. User.txt was a little harder, but focus on the stego. IppSec has a great video on this (10/10). Great job @MrAgent!

    I have definitely learned a lot with this box.

    PM if anyone wants some tips :)

  • Hi there. It took me 20 minutes to get root from the start, but now I'm awared that I did something in a wrong way. The thing is that I got root without getting user, just intermediate shell. Whom can I pm to consult?

  • Very nice machine! I've learned a lot!
    Getting a shell isn't very difficult, you just have to enumerate the server very well.

    After the shell getting user is simple as tricky because there is a C** part and to solve it you have to look around very well.

    For the root part, I've followed so many rabbit hole but in the end it's more simple that it looks.

    Thanks to @PavelKCZ and @tabacci that have helped me!

    If you need assistance just PM me.

    Hack The Box

    Message me with 1) Problem description 2) What did you try so far? 3) Your ideas about next steps

    If you appreciate my help, please give me +1 respect
    https://www.hackthebox.eu/home/users/profile/57582

  • Type your comment> @north091 said:

    Type your comment> @Vex20k said:

    Could someone find it in their heart to help me out with root? I've been staring at the SUID files, but cannot figure out which one to use..

    EDIT:
    I've googled all of them but could not find a way to privesc, that or i'm completely blind.

    Attention time

    Also at this point.I know it's staring me in the face but I'm down the rabbit hole and took the wrong coloured pill :(

  • Conseguido, user y root¡¡¡¡

Sign In to comment.