Hint for HELP

I am stuck with this machine. I modified the Python script to find the URL of my shell file but no luck.
Any help? DM please.
EDIT: Finally got user and root.

Solved, it was due to a fault in the script that was used to decipher the files.

Thank you @PavelKCZ for pointing me in the right direction.

Let the rooting game begin.

Anyone available to help me? I was able to access the application URL, but I don't understand how to get root.

Help, none of the exploits work and I am ripping my hair out. Somebody please PM me help, thanks.

New to HTB, got my first box and now Help is my second box. I identified two ports with potential ways to get in. However, none of my attempts have worked. Could someone message me so I can check to see if I'm on the right track?

Rooted it :slight_smile: Sure was a very… interesting box.

Woohoo… finally rooted… Root is seriously simple, you just have to find the correct exploit for your Linux kernel and you will get root. What makes me crazy is getting the user part. To upload the web shell is very tricky. NC + Google is your good friend here. BTW, I don't have to know the credentials for the web app. You just need to find the way to upload your shell and get a listen back. Very fun box, though I took a longer time than usual to get this as my 2nd rooted box, but it was very fun and I learned a lot, considering I'm a new pentester. Thanks to cymtrick for contributing such a fun box.

I think I need some help with privesc. I’ve found a potential pw, but seem to be unable to do anything with it. I’ve also tried to use an exploit, the output I get leads me to believe I ascended to root, but whoami tells me otherwise. Could use some help.

EDIT: ROOTED!! PM if you need nudged.

This box is really interesting. It took 2 days for me to get the user as I was stuck with the error message. However, it was much fun to hack this box and I think that getting root is easier than user :slight_smile: Thanks to @cymtrick for this box. :smiley:

I too am among the weary travelers who need ‘help’ to get a foothold. Have attempted the Null-Byte method but fear I may have stumbled down a ravine and sprained my brain. Please send ‘help’ my way, fellow pilgrims…

I'm able to upload my exploit but not sure how to call it back, this is where I am stuck. I am using Pentest monkey reverse shell. Not sure what's next?

Finally rooted this box.

I must say user had me scratching my head for a few good hours. Mostly my main issue was that I was providing a wrong parameter.

Tips for User:
Take the high approach. Read what it asks from you. Get credentials and see where you can use them. Find general exploit and run shell. Don’t trust every error you get. Account for time.

Tips for Root:
Basic enumeration. Search common exploit. Run it and pwn it.

Thanks for the nudges from @Haxys towards finding user.
Thanks for the small push from @PavelKCZ to overcome my frustration and root it.

Feel free to PM me for hints/nudges.

Well, I’m still at it… try harder, right, haha. I have tried to rewrite the script and have made little progress on this box. Could really use some advice at this point. I know it will be something silly I overlooked. Time has been checked and accounted for, we are good. Creds have been found, used to log in, we are good. Scripts have been edited for specific purposes, should be good. NC is doin’ its thing, we are good. User accessed… not so good : (

Special shout out to @AndreiPintea for the gentle push in the right direction. PM me if you need one as well ; )

Lol! I just laughed to myself when I got root. It took too much time for me. I was overthinking about it.

Hint for root: Just go with basics. Enumerate the system. Maybe you can use a tool for it. Try different exploits if your current exploit is not working.

Hello, I am able to upload a payload, but not sure how to call it. Can anyone give me a hint?

Thank you for this amazing one. I learned a lot. The user was very interesting for a beginner like me.

Hey everyone, my third box on here. Currently I have found 2 ways. Since I'm not super deep into JavaScript, I went with the first method. I created 2 different shells and did a bypass, but I'm not sure if I'm getting the results I'm supposed to expect. When you upload your file for the ex****, does it just redirect you back to the main page or do you get some kind of a ticket number and a way to access your upload? If anyone can provide some help in that area, that would be great.

To add, sorry for the bad grammar, and I think it works because I don’t get the error for the upload but it just redirects back to the main page.

Just got root, if you’re stuck on what to do with your upload while getting user you’re going to want to do some more google-fu to find the next step (there’s some source code digging for a service that can point you in the right direction). Definitely a fun box.