Ellingson

1246715

Comments

  • Type your comment> @R4J said:

    as iam getting a lot of dm's I would advice everyone to learn basic rop and not rush for the root, this video by ippsec may also help you -

    I just found this & checked back here to make sure it was the right one. IppSec mentioned it in the October vid. (I need a [email protected]!%$^!!!)

  • Working on root. Looking for help.
    Process dies with "Got EOF while sending in interactive" just as root shell spawns.

    This does not happen on older ubuntu machines, but happens on 18.04.

    Any hints how to prevent this? Feel free to PM. Thanks!

  • Type your comment> @akame said:

    Working on root. Looking for help.
    Process dies with "Got EOF while sending in interactive" just as root shell spawns.

    This does not happen on older ubuntu machines, but happens on 18.04.

    Any hints how to prevent this? Feel free to PM. Thanks!

    Stuck in the same place. Exploit works fine locally. Have tried multiple different ways to debug and either hangs or reaches EOF. Tried multiple different linked stuff as well.

  • Type your comment> @R4J said:

    as iam getting a lot of dm's I would advice everyone to learn basic rop and not rush for the root, this video by ippsec may also help you -

    THIS (don't rely completely on the libraries to do the job for you, it won't work here, at least didn't work for me)
    Very fun machine. Thanks to @NPCMaster , @frosters and @sarange for pointing me in the right direction.

  • stuck at user for a day or so, i have shell access . Done some of the normal enumeration. Found something for the plague to try to brute force but hour in doesn't seem like the route. What am I missing? I feel like I am overlooking something obvious, any nudges would be appreciated.

    OSCP

  • Type your comment> @m4xp0wer said:

    Type your comment> @R4J said:

    as iam getting a lot of dm's I would advice everyone to learn basic rop and not rush for the root, this video by ippsec may also help you -

    THIS (don't rely completely on the libraries to do the job for you, it won't work here, at least didn't work for me)
    Very fun machine. Thanks to @NPCMaster , @frosters and @sarange for pointing me in the right direction.

    Thanks, helped me a little bit. Didn't work for me at least but trying to figure out it now.

    v1ew-s0urce.flv
  • edited May 2019
    Well I had no idea pw****ls had ssh tube. Local working exploit is not working this way tho. Any tips?
  • edited May 2019

    Spoiler Removed

    opt1kz

  • edited May 2019

    Real good info mate thanks but in my I case already tried ssh port forwarding and such but apparenty my problem was being lazy and assuming too much. -.- I got it now and the ssh tube of pwntools works very well too, I can confirm.

  • I had the most fun with the exploit development.

    limbernie
    Write-ups of retired machines

  • I have a shell, and I have a feeling of what I have to do next, but I can't get forward with this. Can anyone help me? Feel free to dm.

    badge

  • I'm not sure that @opt1kz comment was a spoiler - I found it informative - I would like to know more about how to actually use that type of setup - so thanks. The ippsec bitterman video is very good but there are always twists. Thanks to @rahul3515 and @krypt for their help.

  • Hey there,
    I've worked it out until the shell but for some reason I can't seem to be able to get a reverse shell from there / work out the ssh. Anyone to discuss on this? I think I'm pretty close to getting it to work, just missing a little something.
    Thanks!

  • edited May 2019

    Anyone feel like dropping me a PM? found some hashes, but they're taking a lot of time to crack. Is this the right track for user?

    edit.. NVM, figured it out..

  • I really need to switch to a 64bit kali vm

    Hack The Box

  • Well, please dont copy paste the addresses from the bitterman video lol it makes no sense

    R4J

  • Type your comment> @m4xp0wer said:

    Type your comment> @R4J said:

    as iam getting a lot of dm's I would advice everyone to learn basic rop and not rush for the root, this video by ippsec may also help you -

    THIS (don't rely completely on the libraries to do the job for you, it won't work here, at least didn't work for me)
    Very fun machine. Thanks to @NPCMaster , @frosters and @sarange for pointing me in the right direction.

    I dont knw how u did it, but the library will do the job

    R4J

  • Hint for root: Doing it exactly as the bitterman video wont work. You need one more gadget in the second stage.
  • Type your comment> @R4J said:

    Type your comment> @m4xp0wer said:

    Type your comment> @R4J said:

    as iam getting a lot of dm's I would advice everyone to learn basic rop and not rush for the root, this video by ippsec may also help you -

    THIS (don't rely completely on the libraries to do the job for you, it won't work here, at least didn't work for me)
    Very fun machine. Thanks to @NPCMaster , @frosters and @sarange for pointing me in the right direction.

    I dont knw how u did it, but the library will do the job

    I was super frustrated and I couldn't make it work that way. Could you PM your code ?

  • anyone working on sploit dev that wants to brainstorm and troubleshoot, feel free to DM

    -Keep Learning
  • Type your comment> @m4xp0wer said:

    Type your comment> @R4J said:

    Type your comment> @m4xp0wer said:

    Type your comment> @R4J said:

    as iam getting a lot of dm's I would advice everyone to learn basic rop and not rush for the root, this video by ippsec may also help you -

    THIS (don't rely completely on the libraries to do the job for you, it won't work here, at least didn't work for me)
    Very fun machine. Thanks to @NPCMaster , @frosters and @sarange for pointing me in the right direction.

    I dont knw how u did it, but the library will do the job

    I was super frustrated and I couldn't make it work that way. Could you PM your code ?

    Dm me on discord @r4j#2136

    R4J

  • So, I've found the t******** and I can list directories with a simple p***** command, but unable to read files. Any chance of a nudge or something I could read to learn how? Just started learning p***** so my knowledge is minimal.

    tiger5tyle

  • edited May 2019

    Type your comment> @zweeden said:

    Just got started - enumeration still going; found W***z**g while doing stuff manually is this the right path? Can we get RCE this way through debug or do I need to look harder at some errors? :)

    EDIT: Yup, now have shell as technoweenie, working on getting user. Can't seem to find anything pertinent to privesc. I must be missing something. I've run a few enumeration scripts and monitored processes to no avail. :/

    EDIT 2: Well I got user.txt from the one with the God complex. I've seen g****** and b***** e*********** mentioned in this thread much to my chagrin. I might give it a crack when I'm feeling up to it. Thanks @Dmwong for the hint

    was W*zg the right path???

    Solved...

  • Hey guys, I got my shell but I'm stuck on getting user, I have already run a script to do my enumeration, but I'm sure I'm missing something, any nudge would be appreciated. :)

    Hack The Box

  • Type your comment> @n1b1ru said:

    Type your comment> @zweeden said:

    Just got started - enumeration still going; found W***z**g while doing stuff manually is this the right path? Can we get RCE this way through debug or do I need to look harder at some errors? :)

    EDIT: Yup, now have shell as technoweenie, working on getting user. Can't seem to find anything pertinent to privesc. I must be missing something. I've run a few enumeration scripts and monitored processes to no avail. :/

    EDIT 2: Well I got user.txt from the one with the God complex. I've seen g****** and b***** e*********** mentioned in this thread much to my chagrin. I might give it a crack when I'm feeling up to it. Thanks @Dmwong for the hint

    was W*zg the right path???

    Solved...

  • Done root , nice machine thanks to @Ic3M4n @f4d3 @postrequest @DeCipher DM me on mattermost @lokendra if you need a nudge , This machine is awesome like october :)

    lokendra
    Message me with 1) Your problem description. 2) What you tried so far? 3) Conclusions.
    RESPECT++ IF I HELPED YOU.

  • hey guys, I hacked the Gibson, found the garbage file but I'm still the techno weenie (even watched the movie again)..... can anyone help me to a "better" user?

  • Type your comment> @n1b1ru said:

    Type your comment> @n1b1ru said:

    Type your comment> @zweeden said:

    Just got started - enumeration still going; found W***z**g while doing stuff manually is this the right path? Can we get RCE this way through debug or do I need to look harder at some errors? :)

    EDIT: Yup, now have shell as technoweenie, working on getting user. Can't seem to find anything pertinent to privesc. I must be missing something. I've run a few enumeration scripts and monitored processes to no avail. :/

    EDIT 2: Well I got user.txt from the one with the God complex. I've seen g****** and b***** e*********** mentioned in this thread much to my chagrin. I might give it a crack when I'm feeling up to it. Thanks @Dmwong for the hint

    was W*zg the right path???

    Solved...

    Finally I got user

  • edited May 2019

    @guillotinus said:

    hey guys, I hacked the Gibson, found the garbage file but I'm still the techno weenie (even watched the movie again)..... can anyone help me to a "better" user?

    If only you had someone in your group who could help you shed some light on where you should cast your shadow.

    Sure would be a good practice, like taking regular backups!

  • Type your comment> @wabafet said:

    just a question why are we constantly starting a discussion about a box that is 23 hours from release just curious

    Gotta hype it up bro. Don't be a stiff ;) hehe

    "ClickmedotEXE"
    CISSP | OSCP
    arodtube

Sign In to comment.