Postman

Who was able to use the r**** un** exec module in msf for the user part?

I have rooted the system

@jasperonio said:
Am I the only one can’t found script to exploit h++p based b+++er o+++f+++ of r+++s ? ■■■■!
I figure out the vulnerability is CVE-2019-101++ but now I don’t know what can I do, if it’s right way… Any hint for me, please? :frowning:

Pm me whats your direction

Rooted the box, learned a lot. Thanks to @TheCyberGeek.

Hints:
Everything on this forum is already enough but sharing my part.

Foothold: Do not waste time on regular port, stick to rs, get the script fine tune it and you are in.
User: Do very basic enum and you will get the juicy file just give it to john as he loves juicy things.
Root: You will need to use m
*****t get the right exploit that you found on higher port run it and you are done.

Hope this does not become spoiler :wink:

Thanks for the box! Played with some services I’ve never had occasion to. Cheers.

Got user. On the way to root.

Rooted :). Learned many things that I don’t know completely. Thank you @TheCyberGeek.
Thank you @H3x3D @verdienansein @kkaz @Warlord711 @trollzorftw for hints.

Getting user is more difficult than root.
As said, root is straight forward. Use what you have.

Type your comment> @Flikk said:

Rooted. There are enough hints to get through everything here, but feel free to PM me if needed.

how do get initial shell?

Got user and root. First HTB box. Enumerate, be patient, and stick with it.

Type your comment> @emp1 said:

is there a need to use sys ***. ex ** no re ** s?
even using Re ** Ro *** If ** in interactive mode, I can’t run sys ***. ex ***

PM please!

There is no need to use that command, search for re**s exploit and just follow the instructions step by step.

Type your comment> @ju5tn0w103nt6y said:

Type your comment> @Flikk said:

Rooted. There are enough hints to get through everything here, but feel free to PM me if needed.

how do get initial shell?

Nmap scan for the ports between 1 and 10,000 as someone already suggested in the forums before.

I am studying for the OSCP and I have just rooted this box. If anyone was able to get root without the “tool that makes it easy”. Please send me a message. I am trying to find a way to do it but I am not too sure how to go about it.

Thanks,

can anyone pm i am justing starting can i get some suggestions regarding vulnerability scanner i have found r***s but can’t able to do more than that

can anyone pm i am justing starting can i get some suggestions regarding vulnerability scanner i have found r***s but can’t able to do more than that

I got access to r… user and found i._…b… file and got a match of c…8 using john. Do I need to use this information to port 10,…? I tried using s.h to M…t and r…t but Permission denied.

Rooted my first box. Thank you @TheCyberGeek, I learned a lot.

Stop DoS’ing this box, you don’t need to brute force

Spoiler Removed

I’m stuck, I can’t even understand how to get the user r***s. Even with all the clues, the exploits don’t work and I don’t understand what I have to list, please PM me

Don’t like this box, for now, it keeps getting attacked by brute forces of someone…

Connection keeps dropping

I found the service through an initial scan, but when I try to run an exploit it constantly states it’s not vulnerable. I’m a complete noob in this so a nudge in the right direction (e…g articles, tutorials) would be nice!

i have tried to exploit r**** with metasploit the check is ok but the exploit faill every time
I don t know if i have to add something to the exploit any hint