Postman

Rooted!

Rooted, relatively easy in comparison to Forest, which almost made me lost my minds :smiley:
Feel free to PM for nudges

1st box and finally got in now for privilege escalation. Any nudges would be greatly appreciated. Used r**** to get in through s** as r****. Need to root. Learned alot so far thanks to @Franna for the initial nudge greatly appreciated.

Rooted!

Rooted

This box was not to difficult for me but I really enjoyed going through it, all the hints you need are already on the forum, but if you need an extra nudge feel free to send me a PM.

hi guys, i managed to get inside using r****-c** but not sure what to do here… any hints?

Rooted!Playing HTB for the first time, thank @bumika and @gluonsrgreat for their help, I love it here

got the p@pe of the i_.bak
trying using it to s
-i but the user m* was denied as set in the config file

if I cannot s**, how can I use the i*_***.bak for another way to login as user m?

thanks for the hint

Thanks to @TheCyber for creating this machine. I learned new things . Just wonder if is there anyone who is able to do privelege part manually, without metasploit? PM please

Hi new guy here.

i have some issue trying to get a shell on this box. i have found all the services, and i know about the S** key and r**** but i cannot change the directory (should i even ? or just leave it?) - Also are people just mad for flushing that sht ? xD
i guess I should be able to change the directory to another user account since i believe the r
*** account has no shell enabled?

How do i go about say getting the passwd file? from W*****? none of my attempts of directory traversal has worked out.

And there comes a kind of machine which makes you feel good about your skills. I found it pretty straightforward with both user and root.
There are more than enough hints for this machine here so if you get stuck anywhere on any point refer to them. Enjoy!

Rooted! A few hints:
Initial stage:

Don’t overcomplicate it like I did! Remember that it is rated as an easy box. I’ve wasted a couple of hours trying to fix that “module” thing. Think about what else you can do.

Root:
That’s an easy one, you will get it if you’ve done your nmap well.

root@Postman# cat /root/root.txt
Wasted a lot of time because someone was changing the user’s pass!
Root was very fast.

PM me if you need a hint.

It’s a nice machine, i’ve learned about r****, user and root is more simple that you think :slight_smile: if ssh not work think different !

Nice and simple machine. Enjoyed.
Somebody wrote earlier that got root before the user. Im wondering how? Perhaps I missed something … ?

I am struggling to get past this r****-c** stage, would appreciate a dm if someone can give me a nudge.

None of these exploits works I tried 100 times and NONE of them are working. I get permission denied for the xxx exploit script, and xxxxx command not found , and the script overflow doesn’t work. Nothing is working. I also tried to do it manually and nothing worked.

Hey,
Found the username M*** and the i****.k file used john and got c*8. Trying to connect over with ssh likewise the previous ssh connection. but using M and its r. It results in Authentication failed. Is it normal?

I figured out why I get the Authentication failed.

Rooted
Very interesting machine.

Rooted!
If anybody needs help, p.m. for hints.

Hack The Box