Zetta

13567

Comments

  • edited September 2019
    I'm stuck on root... got full access to r** and post**** users but don't see anything helpful to escalate. Anybody with a nudge?

    Edit: got root, thanks @polarbearer for reminding me of the obvious

    florian1999

  • anyone experienced problems with the n**p script to b***e the backup service? it seems like it doesn't try any p******d and exits..

  • Type your comment> @asabellico said:

    anyone experienced problems with the n**p script to b***e the backup service? it seems like it doesn't try any p******d and exits..

    Scripts don't work me either.

  • @asabellico said:

    anyone experienced problems with the n**p script to b***e the backup service? it seems like it doesn't try any p******d and exits..

    The script doesn't work for ***6. You need to write your own.

    clubby789

    • GCIH | GCIA
      If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments, or on box release night). And remember to +respect me if I helped you ; )
  • Type your comment> @clubby789 said:

    @asabellico said:

    anyone experienced problems with the n**p script to b***e the backup service? it seems like it doesn't try any p******d and exits..

    The script doesn't work for ***6. You need to write your own.

    yes! yesterday night i found my way!

  • Sv5Sv5
    edited September 2019

    Anyone i can PM to discuss my theory on Privesc for zetta, i tested it using another function and it works to the dot of the theory, but when it comes to the actual thing to get shell nothing is coming back..... Im frustrated now and i dont wanna give up either... You can also PM on Telegram @LordeDestro

    NVM, Got root... Kinda Lame though, i wanna know how to do it the shared way though... Reardless great box @jkr

    LordeDestro

  • Done a lot of research into ftp and passive connections but stuck on where to go if someone could PM me some help

  • edited September 2019

    Would appreciate some hints for priv esc.. have user shell.

    Seen some g** folders with post*** credentials but it's incorrect.
    Not sure how to proceed at this point, if someone could DM would be great.

    Rooted!
    Thanks to @clubby789, @naveen1729, @Lu191 and @d4rkpayl0ad

  • Looking for help with foothold:
    I am trying to leak info from ftp, trying proxy-connecting from zetta to my server, but... i suppose, i can not? Or my command incorrect? Anyway, is it looking like right way to go? If yes, can you consult me how to do it properly? I can send you my steps in PM.

  • Anyone one still around here? :) Just got user shell, and would appreciate a nudge :)

  • Did I say how much I enjoyed this box? Beautiful, hard, challenging. Thanks @jkr. Just rooted your beast. :-)

  • edited October 2019

    Could someone who's successfully gotten commands to run via the r-----g s--i PM me? I have been unable to figure out a working syntax for a very long time and need a nudge. The e-----d q---e in later part I cannot get around.

    Hint for moving on from r-- because I wasted and lost a lot of time in ignorance... Go for the (money) $$ to escape the poverty of your initial foothold. It's not fame and riches, so to speak, but it's a post-hoc gain.

  • rooted this morning. thanks for this box!

    just some doubts about my privesc method: if everything is not manually removed, everyone who comes later, by reading what I've done, can use native tools instead of the supposed way.
    if anyone is interested in sharig the privesc method used can PM me

  • So for the r***c creds, do we need bruteforce?
    Or watch the show?

    Can't find any other way to get them.

    PhaethonRising

  • Finally rooted. What a box! Enjoyed every minute of it, thank you @jkr!

  • Root - thankyou for the nudges @v1p3r0u5


    OSCP | PMP

  • need some nudge with r**** guys

    Hack The Box

  • Got the user. One of the hardest users ever.

  • edited October 2019

    rooted. Thank you @v1p3r0u5 for nudges. Also thank you @jkr for the box.
    For root:
    I wanted to obtain a reverse shell by r-----g s--i, but my reverse shell was unstable. So I got s-- creds from the machine in a short period of time. Not sure this is the right path.

  • edited October 2019

    hmm... it took very long time to b**e backup service with help of np script... yes?
    Edit: Its was my mistake. Rewrite n*p script and then got user.
    Edit2: Rooted!
    Very nice box! Thanks @jkr !

  • I'm user, got some creds. Get some hidden file as user.
    Great ! Whats next ? didn't noticed anything special in all the file i've grabbed from these hidden place.

    Can someone give me a nudge in PM ?

    Jugulairel

  • edited October 2019

    Finally rooted.
    What a journey.

    Really thanks to @jkr for the machine and @bambunz for the help.

    Initial foothold: carefully read the web page and see what zetta guys are trying to provide

    User: get your hands dirty and break that service

    Root: enumerate, you will find what you need.

    See you guys.

    Hack The Box
    Click here for HTB Profile: You are welcome to contact me for a nudge, but if I help you, please consider giving respect.

  • Rooted, thanks @blink3r for the hint.
    It was a long way with custom scripts & mirroring the env itself. The box is hard, so do not expect to read the root flag in 5 minutes.
    Everything you need for user is already in this thread.
    Don't even try to bruteforce on the way to root. Better read the "notes" once again & check every single point.

    dsavitski
    PM for hints, but try to describe exactly where u are on the box and what you've tried. Don't forget about +respect button:)

  • Type your comment> @weelye said:

    Would appreciate some hints for priv esc.. have user shell.

    Seen some g** folders with post*** credentials but it's incorrect.
    Not sure how to proceed at this point, if someone could DM would be great.

    Rooted!
    Thanks to @clubby789, @naveen1729, @Lu191 and @d4rkpayl0ad

    hello !
    stuck at the same point :-(
    could somebody give me nudge please ? thank's so far

  • I made it to the right port with the right w::y but now I need to find m******s and c***s
    for the service on that other port. Any advice, no ready made scripts are working.

  • Got user but no shell. I need to figure that out.
    Fun Fun Fun box!

  • Got user.txt

  • edited November 2019

    Stuck a post-user/root. Also found the incorrect creds and configs. Have an idea of "what" I need to do, but grasping at straws at "how" to get the payload there. Any DM would be greatly appreciated.

    Edit: been a trip! Rooted.

  • WOW... Rooted... Thanks to @Cptsticky for helping me out.. HAD A BLAST on this one...

    Hack The Box

  • edited November 2019

    So nice and well thought out box! thanks @jkr. learned a lot of new stuff here.
    ps restriction is awesome, felt really uncomfortable not able to see all processes. this is the first time i see such thing on a box.

    p****** took me long just because I'm not that good at s** syntax and even worse with this particular syntax. After I got reverse I found out that pentestmonkey got us covered with cheatsheet which would saved me days of reading. Though i don't regret i haven't found it earlier =)

    @Cptsticky, thanks for the nudge

Sign In to comment.