Ellingson

got my user flag, really enjoyable adventure so far, but i was wondering.

Is binary exploitation the only way to root people have found so far, it is one of my serious shortcomings, I would like to delve into the topic one day but im pretty sure which my close to non existing skillset, this would be close to impossible task (if summer holidays with no responsibilities still existed… maybe just maybe.

Thanks for the great journey so far

Type your comment> @Ketil said:

got my user flag, really enjoyable adventure so far, but i was wondering.

Is binary exploitation the only way to root people have found so far, it is one of my serious shortcomings, I would like to delve into the topic one day but im pretty sure which my close to non existing skillset, this would be close to impossible task (if summer holidays with no responsibilities still existed… maybe just maybe.

Thanks for the great journey so far

Yes…BE is the intended way to grab root… Read @deviate comment… It was awesome…

That.was.exhausting. Talk about being thrown in at the deep end.

PM if you need hints.

Rooted! Really nice box, forced me to learn the basics of binary exploitation. Actually now I’m thinking of learning some assembly to fully understand how stuff work on low level.

PM for hints :slight_smile:

stuck in user, system commands are working fine but not able to get reverse shell, dont know whats wrong , dm me pls

Guys, I got user, but I have zero experience with BOF… Anyone willing to mentor me?
I do understand the concept, just no clue how to put it to work.

good box, I really appreciate this type of hacking <3 perfect one to come out of my 6 months busy with live vacation back to hackthebox :slight_smile: <3 missed you all

I have tried cracking the has multiples times with hashcat going through the entire rockyou list but keep getting the same bad value?

For user if anyone is stuck for many days like me because you couldn’t get the “hashes” mentioned by everyone here. Try resetting the machine. Somehow that crucial file becomes root:root 600

How many passwords are we expected to crack? I cracked one and got user but can’t find binary.

rooted! Super fun box.

Feel free to PM me for any help/tips!

ROOTED! It is my favourite machine without a doubt!

Thanks for the nudges @kotoffski !

If you need help ping me

Type your comment

Can Anyone PM me about the password cracking step? I found a hash but have tried several word lists with no luck. Thank you.

Type your comment> @greenpanda999 said:

So, I’ve had a couple of people ping me regarding the EOF error.

Baby1 | Writeups

Go through this write-up, maybe you could find something interesting.

I can’t recommend this enough.

Literally spent 2 days on root before taking this advice.

That error is basically impossible to debug unless you know the information contained in this guide…

(also, obviously, rooted)

Feel free to ping me if anyone needs help :slight_smile:

Hi all, I managed to get user on this box finally and it has been a very fun journey getting here. I keep seeing by e******n plastered everywhere in the comments and i’m not sure what I am supposed to be looking for to get started on root. any help would be appreciated :smile:

edit: Never mind, I know where to look but i am no where near ready for it :joy: on to the next box!

Anyone know a retired machine/s similar to this with B***** exploits to help teach me some more?

Type your comment> @mojorisin said:

Anyone know a retired machine/s similar to this with B***** exploits to help teach me some more?

Ippsec’s bitterman ?

Cheers, thanks the binary a new skillset for me.

Type your comment> @zalpha said:

I finally got root!! Had one small error (1 character change) in my exploit code. Thanks for the help @deviate! This was a great box. Probably my favorite during my short time on HTB!

I am having the exact same issue what you had with the s** part. Can you just point me to the right direction on what the issue was? I am trying to debug it since two days now, but unfortunatelly I haven’t made any progress yet.