Traverxec

Type your comment> @samdahacker said:

@idomino said:
Type your comment> @rholas said:

user is simple just read file

What file? :slight_smile:

I’m guessing the .ht******** file
Not sure what to do with cracked creds either :frowning:

I have that and the creds. But must be missing something super simple again.

I hate when I am missing super simple stuff.

d**** doesn’t reuse passwords obviously. me has a m…-shell as www-data.

Still no ideas how to use creds, neither ssh or su works

Do you think creds could be a rabbit hole?

Don’t get too much stuck on the creds you find, look for “better”.
Currently stuck on root, I’m pretty sure it has to do with all those logs but not sure how.

thank you for the nudge, and now I feel stupid.
user hint: read that interesting file you found very carefully and make sure you know what each line does.

Type your comment> @idomino said:

thank you for the nudge, and now I feel stupid.
user hint: read that interesting file you found very carefully and make sure you know what each line does.

you mean at n…o folder?

Type your comment> @protei300 said:

Type your comment> @idomino said:

thank you for the nudge, and now I feel stupid.
user hint: read that interesting file you found very carefully and make sure you know what each line does.

you mean at n…o folder?

yeah

Rooted ! :slight_smile:

root@traverxec:~# ls
nostromo_1.9.6-1.deb  root.txt
root@traverxec:~# 

Rooted!

Root is really simple.

Hint: Just look at the file you will find as user…and you may see a very suspicious command.

Still cannot see anything under restricted shell

Correct me, if i am wrong, but smth interesting in h…f file???

Type your comment> @MasterSplinter said:

Don’t get too much stuck on the creds you find, look for “better”.
Currently stuck on root, I’m pretty sure it has to do with all those logs but not sure how.

i’m stuck on root too, i think i’ll need to symplink stuff with other stuff to get the job donn

ok, that was straightforward :slight_smile:

# id
uid=0(root) gid=0(root) groups=0(root)

@ToneDef said:
Rooted!

Root is really simple.

Hint: Just look at the file you will find as user…and you may see a very suspicious command.

the simplyest stuff can make you go crazy sometimes

Yup XD

Is the box down for anyone else? I lose connection every few minutes

Got user.

For people having problems/getting nothing after getting creds : yeah they can be useful somewhere but you must enumerate and read some files to better understand where you can use them :). You should wonder why there are creds here and for what they are needed/supposed to do

Sorry if I say too much, it’s my first time giving my opinion and advice here xD

PM if needed

Got user now too.

Go going for root… but didn’t found anything yet. Can someone PM me a nudge?

rooted

PM for nuggets

Hack The Box

Initial: Fastest foothold I’ve ever got. 2 steps to get an easy shell.
User: Read files carefully, ignore rabbit holes and RTFM.
Root: You should spot the method fast, try it locally to understand how to make it work.