Finally rooted. Thanks to @Nick the man and to @dalemazza. There are tons of great hints in this thread already.
I don’t understand why this box has so many downvotes. You can easily find out e*******h commands from google, use those to dump all the info and then use grep on that to find the keyword the needle gave you. PrivEsc on this box is also really cool.
Make sure to change the filename at the very last stage of root if you change something on the file. And feel free to pm me for help.
An empty response which comes immedietly, may mean that something has connected to your nc. Have you tried a command in that box?
Also, it seemed to be a little like, once the exploit had been used, it’s unusable for the next person to come. I had that issue when i accidently closed my shell…
Finally got root. I really enjoyed this one. It would have taken me way longer if the forum here hadn’t suggested to go from s* user to k* user before heading to root. There seems to be some amazing minds here on htb.
Hey guys, I’m on the very last step. I can’t get g**k to work for me to save my life. Can anyone help me out via PM or something? I would appreciate it a lot.
User: Learn how to work with E in ELK.
Root: It really is all about the g**k filter. It has to be right or nothing will work. Learn exactly what it wants.
Enjoyed the box! Having a good read about the ELK stack does make your life much easier, so you can understand how the various pieces come together. If you do this (and have performed sufficient enumeration earlier) you’ll know exactly where to look to escalate further.
@PanamaEd117 : Yeah enumerate more, as you’ll have a different set of permissions now that you have a different user.
Its finally done, ■■■■■■■■ this box! This box is kinda frustrating but was a good challenge.
user: knowing a bit of spanish helps, use google translate if you can’t understand it, pay close attention to the image, it holds secrets, learn to work with the things running on the higher port, so you can get to lower one.
root: this is ■■■■, you have to become another user, there is a cve for that, and once you become another user you need to read l******* configs so you understand how it works, then you need to trigger your files to get root.