Valentine

2456718

Comments

  • @multi said:
    Any idea on how to get through the encoding and decoding process ??

    Try encoding a few different random things and see what they have in common. Try searching for that.

  • Someone please give a hint for privilege escalation

  • @Raphaeangelo said:

    @multi said:
    Any idea on how to get through the encoding and decoding process ??

    Try encoding a few different random things and see what they have in common. Try searching for that.

    Actually i know whats going on it there but the problem is one is encoding into something the other is just decoding it back to that same thing so its getting back to the same thing i have as before

  • @swatcat91 see what's going on on the box

  • @multi said:

    @Raphaeangelo said:

    @multi said:
    Any idea on how to get through the encoding and decoding process ??

    Try encoding a few different random things and see what they have in common. Try searching for that.

    Actually i know whats going on it there but the problem is one is encoding into something the other is just decoding it back to that same thing so its getting back to the same thing i have as before

    Check which kind of encoding has been used.

    wirehack7

  • edited March 2018

    @multi said:

    @Raphaeangelo said:

    @multi said:
    Any idea on how to get through the encoding and decoding process ??

    Try encoding a few different random things and see what they have in common. Try searching for that.

    Actually i know whats going on it there but the problem is one is encoding into something the other is just decoding it back to that same thing so its getting back to the same thing i have as before

    Spoiler removed - Arrexel

  • @swatcat91 said:
    Someone please give a hint for privilege escalation

    I'm stuck here too. I've run LinEnum and haven't really found anything. Did you have any luck? PM me if you did.

  • Got root, but I didn't really understand what I have done for Priv Esc. Anyone who wants to discuss PM me.

  • I feel like I'm missing something on this one. I have exploited the vulnerability and grabbed the $text field. I've also determine what the hype is all about. I've figured out how these two things relate to one another, but maybe I just haven't enumerated a user for this box. Am I on the right track?

  • Hi just need a pointer I'm looking for the code I think I know format used to make it but i don't seem to see it in that format. I do seem to see some sort of hash but i don't think it's that. (trying not to give too much away)

  • Every time you run the exploit you will get different data....

    delosucks

  • priv is really dirty heart

    Shivarth

  • any hint for username ? i exploit it and catch md5 file and some different data's. im stuck here.

    umityn

  • @umityn said:
    any hint for username ? i exploit it and catch md5 file and some different data's. im stuck here.

    ok i got user. need hint priv. esc. please.

    umityn

  • @delo said:
    Every time you run the exploit you will get different data....

    if i put any of the data in it doesn't come out with anything useful I don't think I'm grabbing the right data

  • edited June 2018

    @Raphaeangelo said:

    @multi said:

    @Raphaeangelo said:

    @multi said:
    Any idea on how to get through the encoding and decoding process ??

    Try encoding a few different random things and see what they have in common. Try searching for that.

    Actually i know whats going on it there but the problem is one is encoding into something the other is just decoding it back to that same thing so its getting back to the same thing i have as before

    The server has such a bleeding heart to help you. Look for something that needs to be decoded from the servers gratitude ;)

    I think i am missing something that does it all i know that there is a ****** encrypt decrypt process but nothing gets me to the user data :-(

  • So if any hint can be provide so as to what has to be done please do tell me

  • I think i figured out what has to be done with the rsa key thanks everyone

  • suggestion -> use the python exploit and use grep to filter the junk out ;) may need to run it a few times before you get the goods

  • i got root.

    umityn

  • edited February 2018

    there is a real problem with this box to grab the correct dump, I spend a night sending hundreds of times the msf related exploit , grep and so on , then use python exploit that gave me poor dump results, I finally decide to upgrade to VIP account and after 5 minutes I finally get the good dump !
    I don't know if it's the attended way but it gives a good call to VIP membership !

    Nutellack

  • edited March 2018

    Spoiler Removed - Arrexel

  • Alright, I am stuck on this one. I have enum and found the information i needed (I think). Used both python and msf, and got info decoded from there. Just not sure how it all goes together. Am I missing something? Can some one point me to sites i can read? Just need a nudge in the right direction.

    Magavolt

  • I've seen a couple of people having issues with this one. Various tool scans seemed to be reeeeeeally mess it up. Just keep hitting the box with the well known exploit (maybe try times with lower users) and you'll get what you're looking for.

    Booj

  • Got user! thanks... off to root

    Magavolt

  • Yeah if you're not seeing a certain encoded string in the raw output of the exploit, just keep running that same exploit until you get it. I was pulling my hair for hours thinking I was doing something wrong.

    SpiceKing

  • @dsplice said:

    @jkm said:
    Got passphrase but no clue on username. can someone help

    Same here. Just stuck looking for that username

    username if in front of you just think a little not to much ;)

    Hack The Box

  • @multi said:
    Any idea on how to get through the encoding and decoding process ??

    you really dont need to use those encode and decode files if you have the encoded file then what kind of encode it is and then try decoding PM if need help Telegram @m4rkm3n

    Hack The Box

  • edited March 2018

    Spoiler removed - Arrexel

Sign In to comment.