• My first box! Learned a lot from this one. Thanks!

    Hack The Box

  • Hello guys,
    Please could you help me ? I tried upload .php file but without success pleas could you someone provide right way for me ? :)

  • if anyone needs help with the c_a.php code and/or how can do the privesc to user send me a dm

  • edited November 2019

    Edit: Rooted.

  • Rooted ^^, it was my first machine and i was so funny.
    User shell: basic steps to get it
    root user: enumeration and google

  • edited November 2019

    I have got to a point where I query via url and see files but dont know what to do from here...any nudge please

  • Rooted! Nice box @guly! Root was easier than user, but overall this one is probably one of my favorite boxes so far in how you privesc to user!


  • Type your comment> @D3Fix said:

    Type your comment> @Ursa said:

    If anyone is good at PHP, I’d very much appreciate a PM. I don’t want to put too many details here, but two parts of a certain script are troublesome and I can’t find what they do anywhere online.

    You can PM me if you still need help

    me too please help me

  • Spoiler Removed

  • Type your comment> @D3Fix said:

    Finally got root after 3 hours of overthinking.

    User tip:

    • GIF89a
    • cron
    • touch

    Root tip:

    • see what u can run as root with user g***
    • research about network-scripts
    • use basic linux commands

    If you need help, PM me. (please be as clear as possible, when message me. Like, what have you done, where are you stuck, etc.)

    I had been guly ,can you help me get the root?

  • edited November 2019

    Got user.txt . But cannot open. Any nudges will be great

  • Another good box.


    Hack The Box

  • Favourite box so far. Pretty simple and great first box for a beginner like me. Did user the first night and came back for root two weeks later. Learned a lot and used a few exploits I hadnt previously.

  • edited November 2019



    respect those who helped you

  • working on how to use c...._a......php and its crontab.
    I have understood (maybe i am in wrong) that I should do something in the u......s directory...and suggestion?

  • I need help with user. can somone pm me and help

  • edited November 2019

    edit [Rooted]

  • edited November 2019

    So I have run a local server where I used the backup files and linked them together, my exploit seems to be working here, but somehow I cant do this on the machine. anyone willing to help?


    I Got a shell on the server! Now trying to get a shell into user.

  • A little late to the party but I just finished this. I gotta say this was actually one of the more realistic, less CTF-y ones so far! Thanks @guly !

    for the initial foothold: Pay close attention to the types of whatever you upload. This took me a while to remember, but this is a straight-up realistic developer error you will come across as a pentester

    User: enumerate (but not toooo much), and then read carefully! Also wait.

    Root: enumerate (but not toooo much). It's easy to find it, hard to understand it (for me) - I am still trying to dig through the manual to find why this works

    I did not use any enumeration scripts, exploits or bruteforcing/guessing, not necessary!


  • anyone help me how to get root access i just got user access g***

  • Got User Flag. Any Hints For Root?

  • got user and file c*********.*h, someone can pm me for a little hint? i now that i can e**c something

  • w4xw4x
    edited November 2019

    That was a nice machine, thank's to @guly .

    PM me for hints if you want :) (user / root)

    If i helped you, +1 respect please !

    Hack The Box

  • Finally got root on this one!
    User was pretty easy... root not so much :p

    Fun box!

  • I'm stuck on the initial foothold. I can get an incoming connection, but a shell isn't spawning. Any help?


  • I have a question,

    I got to user.txt and I saved it on my pc, now if I go to sleep and I want to come back the next day to complete working on trying to get to root, why do I have to repeat all the process of having the shell until getting the user password? why can't I connect directly with the password I already had ?

    I tried ssh [email protected]
    password: password of user
    it outputs to me: authentication failed

    is there any way to do it?

  • [Rooted]
    Cheers! @guly never known the vulnerability for root priv until i played this box. Learned something new :D

  • edited November 2019

    Got Root::root part was fast and fun, you just need to read the included i*\*\*g-g\*\*y netfile
    this box is all about viewing and reading source codes.

  • Hi guys, I'm struggling with this machine, no idea how to get user (trying to dirbust the machine IP on port 80). Any hint by PM, please?

  • Type your comment> @markontherocks said:

    Hi guys, I'm struggling with this machine, no idea how to get user (trying to dirbust the machine IP on port 80). Any hint by PM, please?

    You can PM me if you still want help

    Hack The Box
    Silence, i'll hack you!! ;-)

Sign In to comment.