Networked

I got root, With just luck.
It did already happened with one or two boxes on HTB earlier.
Can any one explain, How and Why this works?

Can someone DM me regarding the c****_a***** php file. I can see mostly what it’s doing - but not sure how to manipulate it.

Thanks.

ROOTED!

I really enjoyed this box! Nice techniques and I learned a lot! The user part was more difficult than root but I loved the privesc both user and root

  • Foothold: you just have to upload something well crafted
  • User: not so easy to me, try to understand what php files do and which function you can exploit
  • Root: quite easy, first you have to understand what your user can execute and then exploit it

I hope this doesn’t spoiler too much, otherwise feel free to remove my comment.

PM me if you need hints

After a bunch of research, i finally found out why/how the root-privesc works. If you rooted the box and don’t know why, feel free to PM me, i will send you the link.

(same goes if you got spoiled the user-privesc and didn’t understand it)

got root pretty fast… in the first 10 attempts of test inputs , i will try later to study it in detail

Rooted! Fun box, and the first box I was able to root without even visiting the forum for hints.
The very last part took a bit of creativity though.

If you need a hint you’re welcome to PM me.

EDIT: After reading this thread, I apparently got root in a roundabout way, involving “some other way to write an IP”.

I’m at a loss on the root.

Got the user quickly but root has me stumped.

I know the file I need to use but I can’t see what I need to enter to escape.

Any hint over DM would be appreciated

EDIT: bit of sleep and a fresh look over and i cracked it. Good box! learnt a few things on the way to root

Rooted ! The problem here is the overthinking. Keep it simple

If anyone need a nudge just ping me

rooted.
For root, 1) basic check for your given privilege, 2) read a script, 3) try several things with the script and see the error message.

Rooted, nice box really enjoyed, thanks makers, learnt again ?

Need help con privesc, please pm a hint

Rooted!
Nice box

[root@networked]# id
uid=0(root) gid=0(root) groups=0(root)

PM for hints :slight_smile:

Just rooted the box. Took me awhile to do so.

Initial Access: I was on the right track but tried to rush it so I made a oopsie and didn’t notice my mistake for at least 1,5 hours.

User: I needed a hint on this. I hate php and can’t read it very well. My cryptonite. technique wise it’s a rather basic thing. You just need to see where you have to deploy this basic technique.

Root: Basic enum gave the vector away in seconds. After reading the source and “the other source” I just tried it and out “things” in there. Took me about 10 or 15 minutes for root.

x41

I’m very Noob, any tips for a shel? Thank you

Type your comment> @LucSec said:

I’m very Noob, any tips for a shel? Thank you

upload

Wow this c****_a*****.p** really has me stumped. Can I get a hint or something to reference?

Alright, finally got root! Not too hard, just try, try, try again.
I was spoiled the user flag, so if anyone would be so kind to PM me how the c****_a*****.p** worked i would really appreciate it!

wow, box is crawling at turtle speed, takes me at least 5 minutes just to change directories…wth

do we need to alter the code of C****_a*****.P**? i dont know php, but i think i understand what its doing, i just dont understand what it has to do with gettting the user flag. What am i missing??

You know it really fucking sucks coming into this room for a hint and seeing 40,000 comments all saying “iT’s So SiMpLe AnD sTrAiGhTfOrWaRd”. Why do people come in here just to be pricks?

Some of us can’t read PHP very well and get sick of looking up every single function, so it isn’t “simple and straightforward” for us.