Haystack

Hi, think found what need for root. Found soemthing that looks like it link were i can write now, Can someone OM me to discuss

Someone up for discussing the final part to root? Iā€™ve tried so many things, it got triggered, but even simple tests arenā€™t executed.

nice steganography

can anyone PM on haystack root hint?

hi I get an error in the apis parameter. can someone please tell me , am i on the right way?

Would appreciate a hint on the syntax for the final step to root :smile:

Edit:

Got Rooooooot :wink:

Rooted with a helpful nudge from @v0yager who saved me from my grokking nightmare.

For people stuck on changing user (paramater errors):

  • Google K***** config file and read the documentation. You can find the file easily and should then understand why itā€™s not working from where you are trying it.
  • When you curl from the right place make sure you wrap the url in ' (as posted above). This will stop the apis paramater error.

Iā€™m slow on replying to PMs currently but happy to help.

Hi, can someone help on the privesc part for root. I actually need someone to verify something for me if possible. Of course, a nudge would also be appreciated

@Meeryr thanks for your help

Is there supposed to be an actual image file on the homepage? For me, there is nothing displayed at all. When I go to the source code and follow the link, then download the image, itā€™s just an empty .jpg with 0 bytes. Is that supposed to be the case or is a reset in order?

Type your comment> @TimW94 said:

Is there supposed to be an actual image file on the homepage? For me, there is nothing displayed at all. When I go to the source code and follow the link, then download the image, itā€™s just an empty .jpg with 0 bytes. Is that supposed to be the case or is a reset in order?

there should be an image. although it is not needed for the box.

it does give a great HINT

Need some help with user priv upgrade to K.

when i speak to K i keep getting ā€œempty reply from serverā€

to my knowledge i am doing everything correctly and have also spoken to some people in this forum and cannot find the problem.

if anyone has any ideas please PM me.

Finally rooted this one as well. I have really mixed feelings about this box. Iā€™m a new user here (and this is the 4th user and 3rd root I got, sooooo yeah, pretty noob). But on the previous boxes I felt that ā€œthis could have been a real box that somebody just misconfigured/not updated/etcā€¦ā€ , not this one. I was stuck on the final step to root because who in their righ mind would put anything like that in the l******* config??

Hello there,
How do I dump the data from ElasticSearch DB?
I am stuck as Iā€™ve tried installing ā€œKibanaā€ as Iā€™ve seen in some videos its used as an API to interact with ElasticSearch I guess.
I tried searching ā€œ10.10.10.115:9200/_searchā€ and it provided me with a bunch of information. What do I need to do now?
Any help is appreciated.
Thank You!

Type your comment> @shellroot said:

Hello there,
How do I dump the data from ElasticSearch DB?
I am stuck as Iā€™ve tried installing ā€œKibanaā€ as Iā€™ve seen in some videos its used as an API to interact with ElasticSearch I guess.
I tried searching ā€œ10.10.10.115:9200/_searchā€ and it provided me with a bunch of information. What do I need to do now?
Any help is appreciated.
Thank You!

you need to slightlty change your search query to show all the data.

should be many indexes.

DM me for more help

I need a nudge on switching from the user s**y to ka

Could someone help me with the l******** privesc, i am already k******? I thnk i know what to do but it isnā€™t working.

On root. Never used this tool before, so trying to get it started. Any nudge wud be great.

@idomino said:
Finally rooted this one as well. I have really mixed feelings about this box. Iā€™m a new user here (and this is the 4th user and 3rd root I got, sooooo yeah, pretty noob). But on the previous boxes I felt that ā€œthis could have been a real box that somebody just misconfigured/not updated/etcā€¦ā€ , not this one. I was stuck on the final step to root because who in their righ mind would put anything like that in the l******* config??

hi,i think iā€™m in the final step,i try to add some script in lh_,but whatā€™s next?i canā€™t restart l*h.
if anyone has any ideas please PM me.

Rooted!!
Learn a lot about ELK,great box!!

hi,i think iā€™m in the final step,i try to add some script in lh_,but whatā€™s next?i canā€™t restart l*h.
if anyone has any ideas please PM me.

It runs automatically as long as itā€™s in the right place.