Haystack

Type your comment> @bipolarmorgan said:

Type your comment> @twypsy said:

Type your comment> @bipolarmorgan said:

I think some of the hints being passed around aren’t considering total noobs. I’m still trying to figure out how to properly search… HINT: it is documented, but it’s hard to understand.

If you are having problems searching, you could dump the database as a JSON using a Github tool.

However, querying all the records should be easier.

Thanks, I finally did figure out the search and got what I needed… any hints on how to go from user to root?

If you are not able to escalate to root from one user, pivot to another user that might allow you to do so.

@twypsy said:
If you are not able to escalate to root from one user, pivot to another user that might allow you to do so.

I sent you a PM, but I have pivoted to another user … still stuck trying to figure out the privesc to root though.

Finally rooted. A well rounded machine in my opinion learned a lot. Thanks @JoyDragon
Also the hints from the forum helped me especially @D4nch3n and @Jacker31 !
User : Nothing to add
Root : If you are trying the debugger remember the magic only needs essence :stuck_out_tongue:

user: done!

If you look at the query limit, you can have indices reference.

I have found q***** and b*** in e************ db but i do not know to explore it further. Hope this wasn’t a spoiler. Can someone private message me please?

Got user! First box so pretty happy

Can someone help me get a shell?

ROOT HINT: learn the ELK stack, and maybe a little black magic … which FYI learning the stack is more difficult than you may think.

Free Hints:

User: remember spanish is always the key for this and the security is low.
Horizontal PE: Banana user has famous lfi exploit, but the trick is running locally only, YOU NEED LOCAL PORT FORWARDING .
Root: Spanish again but not Literally :slight_smile: 3 files they will process, define and execute your foreign command in a txt file you should created in a path defined in one of the files which contains your reverse shell to root.

Finally rooted! the black magic definitly help alot.

Got root. Nice box of learning ELK stack ,Kibana and logstack :slight_smile:

Finally done! This was a pretty fun box. Hints about SSH Black Magic and ELK Stack were the most helpful and kept me from being stuck for long.
Thanks @bu77er0verfl0w for the great hints!

Hi,
I’m unable to escalate to ka , tried renaming the js of known vulnerability, does the ka service need to be running for that?
Really appreciate your help
Thanks

Type your comment> @alalno said:

Hi,
I’m unable to escalate to ka , tried renaming the js of known vulnerability, does the ka service need to be running for that?
Really appreciate your help
Thanks

you are on 127.0.0.1 you want to access a routable IP your IP then what you need … see my previous comment in Uppercase :slight_smile:

@twypsy said:

If you are using curl and you get errors …

-Use quotes … curl -XGET ‘http://’
Just FYI: for curl the default is GET method you the above option -XGET is not necessary.

Well that box had layers. Nice.
Took me some time since either my shell bugged or someone sabotaged the box, since did not see the confs in the correct dir. And naturally I didn’t look there again until the next day even tough the box was reset multiple times in between. :slight_smile:

Rooted. Going from user to root was challenging, but really satisfying. I agree with those saying this box shouldn’t be categorized as “Easy.” Quite a bit of research necessary. Learned a ton.

If anyone needs a hand, feel free to DM.

I need help with this box. I have gone through all the steps of finding the n**** in the h****. I successfully translated but now the problem is the place I thought it was to be used was wrong, i feel like i am running in circles. Any direction would be greatly appreciated.

Type your comment> @Z0d said:

Type your comment> @alalno said:

Hi,
I’m unable to escalate to ka , tried renaming the js of known vulnerability, does the ka service need to be running for that?
Really appreciate your help
Thanks

you are on 127.0.0.1 you want to access a routable IP your IP then what you need … see my previous comment in Uppercase :slight_smile:

Thanks @Z0d for the port forwarding hint. But still i’m unable to escalate to k****a…unable to listen… am i missing something here?? I’ve configured the correct port & IP but something seems amiss…need a nudge
Thanks

i know the indices, but i have no clue to use it.
i know the ssh username but i dont know the password.

can anybody please help me… its been a week for me… to complete this.