Traverxec

13468945

Comments

  • edited November 2019

    I've found the creds and read the contents of n******* dir but can't see anything to use. Is it the ht****** section or the ho****** section that I should be looking at? I noticed I can view a private space but no where to use creds.

    any nudges from here?

    EDIT: I've manged to find another interesting dir, the hunt continues :)

  • got user, but needed some help to clear my mind!

    Work hard in silence, let your success be your noise

  • Root is troll...but I love it.

  • Rooted,

    Feel free to PM if you need nudges

  • Rooted.

    Fun box, straight forward.

    halisha

    --- I reply faster on Telegram @halishasec and [Discord Tavi #6865]
    --- Please specify the machine you're working at when messaging

  • Rooted, many thanks to terrats for the last root hint.
    Didn't know pipes could do that :)

  • edited November 2019

    My feedback for Traverxec:
    The box is almost straightforward the annoying thing is that web server keeps dying not sure if that is because people are dossing or some kind of weird unstable machine.
    anyway here is how I see the steps to root.

    initial: recent CVE after light enumeration gives you quick win

    User: enumeration of of the door that let you in gives you a bit of usefull info.. for me this is sligtly CTF-y and requires a bit of guessing but once found gives you the user with a bit of extracting/cracking

    Root*: quick enumeration would lead you to something.. if you are not familiar google it, try it locally and go back and root the box :)

    • Make sure you do not maximize your terminal screen a lot .. sometimes LESS maximizing is better :)

    PM if you are stuck

    OSCP

  • Any assistance with root? I know about G*Bs, the dir to place the file in and that p*** has something to do with it but unsure from here

  • haha. first the box is down for pretty much most of first day. Now I know exactly how to get root.... and it doesnt work. I know it is the way but it doesnt work... so annoying.

  • To echo a previous comment, you need to try a different terminal if you are stuck at trying to get root and aren't making headway. Things will function/display differently.

    No idea why this is the case, but it cost me well over an hour of time.

  • Type your comment> @ALK said:

    For people struggling with root. remember its not always a good idea to maximize ur screen ;)

    this unblocks me for root flag, thanks br0

  • Im kinda lost, got d**** credentials, but no idea where to go next

  • Just rooted !

    Thanks for the machine @jkr ! I wonder where did you get the inspiration for the root flag, it reminds me one of the levels of bandit, the one that i struggled with the most !

    I say something strange when i got in the user, hints from the guys on this thread helped me a lot ! i think they provide enough info already ! I would chat with someone who got root too ! the usual thing that i do didn't worked, but i just tried something that seemed weird on my enum and it worked, coupled with the hints on the forum and got it !

    Would love to hear from you @jkr, Thanks again !

  • I have tried and tried and that port is always "closed"

  • Struggling to crack creds. The usual tools finish almost instantly with a false alarm.

    Anyone with a PM to help with syntax? Feel like I'm doing something silly.

  • Struggling with what to do with credentials of d****. I have RTFM multiple times and have the credentials cracked, just not quite getting what I have the ability to do under the unprivileged user....

    Any nudges appreciated, PMs as well.

    Hack The Box

  • I got in and found the an interesting, plain view treat but cracking is taking forever? Weird

  • edited November 2019

    Nevermind.

  • Can anybody help me. I cracked creds and found "private space", but I doesn't really give me anything

  • Got Shell As www-data Any Hints For User?

  • Type your comment> @xy83rx said:

    Got Shell As www-data Any Hints For User?

    Read the code and go to the place you won’t expect ;)

    Faster reply? Text me on Telegram:
    Message Me

  • @H4X00R I Have Got The Hash For The User. Now Do I Need To Crack That For The Password Of User?

  • Type your comment> @xy83rx said:

    @H4X00R I Have Got The Hash For The User. Now Do I Need To Crack That For The Password Of User?

    John is your best friend

    Faster reply? Text me on Telegram:
    Message Me

  • edited November 2019

    Got creds, and found p*****e, but it gives permission denied error, can anyone tell me if I am on the right path?

  • Got Shell As www-data, cracked password but it was useless.
    any hint?
    i'm looking at cronjob, can't understand how to use it to restore backup..

  • Type your comment> @ls4cfk said:

    Got Shell As www-data, cracked password but it was useless.
    any hint?
    i'm looking at cronjob, can't understand how to use it to restore backup..

    it's not that far. Look closer where you were. Go to the place you wouldn’t expect ;)

    Faster reply? Text me on Telegram:
    Message Me

  • Rooted.

    Learnt something new from this box. Thanks @jkr !

    Hints: The box name is a huge hint. Check permissions and read that specific file that has some interesting details.

    Root: Quite easy. Once you get user, you will find another interesting file with an obvious line.

    Feel free to ask for help.

  • Can anyone confirm if i should look at cron jobs to get user ?

    Hack The Box

  • John is not helpful, any tips to get user please.

  • @saminskip said:

    Struggling to crack creds. The usual tools finish almost instantly with a false alarm.

    Anyone with a PM to help with syntax? Feel like I'm doing something silly.

    It's not a false alarm, it's just not used for quite what you expect.

    clubby789

    • GCIH | GCIA
      If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments, or on box release night). And remember to +respect me if I helped you ; )
Sign In to comment.