Craft

beer, silicon valley, and hackthebox? doesn’t get better than this.

User:
don’t overthink the jail. Say hi to your neighbors they may greet you with beer and snacks

Root:
pay close attention to the components involved. And how they may be used to root the box

Cheers!

Hello everybody.

I’m trying to exploit the vulnerability in the code b***.py, but I don’t understand why my payload doesn’t work. I tried it on my machine and it works without problems. Please, can someone send me a PM to verify my payload and give me a nudge to understand why it doesn’t work? Thanks

Edit: I have the user now … I’m reading the documentation of V***t. I don’t know exactly what to do, and I hope I will find it in the docs.

Edit2: Rooted … once you get the user, getting root is really easy. Just find something which manages secrets and read the associated doc.

Can somebody PM me and give me a hand on the initial shell?

I’ve gotten a nc shell to launch with an authenticated c*** request, but it’s connecting from my machine instead of the server.

root@craft:~#

:slight_smile:

Hi @ all! Started with Craft and got creds from d***** to log in and also got an SSH key! Tried to exploit the e*** on system, it works, but when posting on the server it doesn’t! Now I’m stuck, can someone help me? THX to all for helping me :smile:

Hi all,
I found d***** creds, using which I exploited a certain function to get back a reverse shell. However, I am in a B****** shell, I think. Can’t do anything from there. Not sure how to get out of it. Pls PM me someone, any kind of nudge would be appreciated.
Thanks :slight_smile:

Rooted. Lol. :slight_smile:

Is there no webpage? If I go to http://10.10.10.110 I get unable to connect, but I can nmap it and see 2 open ports. Is that normal?

Did anyone have any issues with their SSH client hanging after successful authentication? I am working on getting user and believe I have found the correct path. Found interesting file while enum in jail and ran SSH in verbose mode to see auth was successful.

Fixed → Note to anyone that comes across same issue, don’t throw everything at the door until you know what you have.

Hey all,

Can someone PM me help on getting the initial foothold? I am able to get RCE; however, I am not able to get a callback or the desired output I’m expecting. I believe I know what I have to do, according to an article I found online; however, I can’t seem to get it working. I believe it’s due to my lack of understanding of how Python works and would like to discuss further with someone via PM to avoid spoilers.

I’m stuck in jail, could someone send me a PM for a little push? thank you very much in advance ^^

@invictim said:

If anyone is getting stuck after RCE and interacting with db (before getting user), and you’re using commands with * to enumerate but getting single responses, try commands that select things 1 at a time.

Thanks so much, this is so good!

I found ps in de, but not working with s*h.
Oh, another user nice

user.txt good

Fight with v…t

login to v**** with s*** policy, what next?

root.txt 831…

PM me if u stuck

Hi guys, I’m stuck on the Gil** user and I don’t know how to escalate to root. Can someone give me a nudge? PMs are welcome.

Fun box!

Anyone around that would be able to take a look at my syntax and tell me what I’m doing wrong?

I’m getting “{“message”: “The browser (or proxy) sent a request that this server could not understand.”}”

when I try to c*** and create a new b***

rooted.
whoa, what a ride. Nice box!

@Lycist

That might be an escaping problem. Try an easier way via w**

It’s a very realistic machine! <3
If you need a nudge, PM me

Why the ■■■■ do I have the message " **** failed, invalid key"… when I try to create my root token

I’m stuck on this very last step, please help me in a private message, ty

ok rooted, was easy as ■■■■, I don’t know what is the interest of v***t if you can connect like that

Well, this was interesting. The user had layers and layers, like Shrek… I mean onions. The root, on the other hand, was just… getting it. Thanks @rotarydrone