Craft

Rooted! Arguably the best machine I’ve done on HTB so far.

Really struggled with the payload. I’d love to hear from others what payload they used. I wonder if my way was the only one.

Hints:

  • The forum thread is very informative by HTB standards. Spoilerish sometimes. I knew what to do to move from foothold to user even before having foothold.

Foothold:

  • Enumerate. A lot. Look under every stone but not in a CTFy way. Just look at what the public systems offer and follow the crumbs.
  • When you find a vuln you’ll struggle with a payload (I know I did). Don’t fret, just take it slowly. Try simple things first, build on them. Make sure your payload does what you think it does, test locally.

User:

  • Use what you already know to gain more information. You’ll even have almost-ready scripts for that
  • Enumerate even more with your new info
  • Remember: these guys (the dev team from the box) suck at security. Use their mistakes

Root:

  • It’s really easy, compared to the user
  • Find the tool, RTFM, root dance
  • BUT copying a command from a tutorial won’t do. Make sure you know the keys before you try to stick them into the hole

If you still have problems, PM me, I’ll try to help.