Traverxec

145791044

Comments

  • Type your comment> @AnonLK said:

    Type your comment> @Gboxx said:

    I get User D***D and Password N*******e, ssh locally not working, su not working, any suggestions ?

    same

    I got the same results any ideas | did u got any solutions for it ?

  • edited November 2019

    For user: read c..f file and google manual for the service to make sure that you understand the c..f file

    Feel free to PM me

  • Any hint for root?
    is c** or j********l binary related to the priv esc ?
    was trying to gain root shell based on this binaries but no result..

    Hack The Box

  • I've read the docs on the service over and over again, cracked whats maybe needed later, but for the love of God if I read this man page again and it doesn't work I reckon I will be down a computer as I might put a fist through it. I'm obviously not following something correct even though I feel I am. First time getting really frustrated i must say, but as they say try harder just don't know what to try harder at now. Damn this is killing me lol. Also making me feel like a right fool. So any suggestions are welcome I know I'm on the correct path it's just not working as intended.

    ”No questions a stupid question”
    <img src="https://www.hackthebox.eu/badge/team/image/1805" alt="Hack The Box">
  • Type your comment> @mojorisin said:

    I've read the docs on the service over and over again, cracked whats maybe needed later, but for the love of God if I read this man page again and it doesn't work I reckon I will be down a computer as I might put a fist through it. I'm obviously not following something correct even though I feel I am. First time getting really frustrated i must say, but as they say try harder just don't know what to try harder at now. Damn this is killing me lol. Also making me feel like a right fool. So any suggestions are welcome I know I'm on the correct path it's just not working as intended.

    Assuming you're talking about way to the user. You've got those creds from the very specific place. Look around and check functionality that this service provides. Some options should ring a bell

  • Hey

    stucking at user flag ...
    have a shell, know about the "special area" but don't know where or what to access to get flag...

    Help would be appreciated - just drop me a dm :)

  • Rooted yesterday. Pretty fun for the user part , root was a tiny bit tricky.

    Tips for root: Go small... real small...

  • edited November 2019

    Type your comment> @jklmnop said:

    John is not helpful, any tips to get user please.

    Hashcat

    @bertalting said:
    Can anyone confirm if i should look at cron jobs to get user ?

    No, more simple than that.

    @mojorisin said:
    I've read the docs on the service over and over again, cracked whats maybe needed later, but for the love of God if I read this man page again and it doesn't work I reckon I will be down a computer as I might put a fist through it. I'm obviously not following something correct even though I feel I am. First time getting really frustrated i must say, but as they say try harder just don't know what to try harder at now. Damn this is killing me lol. Also making me feel like a right fool. So any suggestions are welcome I know I'm on the correct path it's just not working as intended.

    Read the documentation.

    Read the configuration file.

    You should see something interesting.

    twypsy

  • Just finished the box, struggled a little with user at first, root was quite straight forward though.

    User: Besides the obvious thing, check the manual and go back to read the c... file . It will tell you what there is to look for (even though you might not be able to discover it easily straight away)

    Root: Reminded me a little bit of an otw bandit challenge. Once you found out what can be executed you may want to test it out in a less "restricted" environment.

    Feel free to PM me for nudges

  • Thanks @jkr for nice machine :)

  • Rooted !

    Real funny box, specially the root part XD

    Feel free to PM me for hint (user /root)

    If i helped you, +1 respect please !

    Hack The Box

  • I can't think of a better box with such a wonderful narrative no less, to build a strong Linux/GNU foundation. Makes me take a fresh look at some of the commands and utilities I use daily. What an awesome box by @jkr as usual. Thanks!

    limbernie
    Write-ups of retired machines

  • Any help with root? I know its to do with GB and l**s but struggling to find the right syntax to put in the file

  • edited November 2019

    Rooted!

    Initial foothold: too much easy
    User: don't try to bruteforce the pass, bruteforce the key ;)
    Root: Simple but tricky... one advice: when you read gtfobins, the most important part is the first line, where it talks about a very small editor.

  • Type your comment> @KevSex said:

    Any help with root? I know its to do with GB and l**s but struggling to find the right syntax to put in the file

    DM me

  • wow, just got root. That was embarrassing....

    GPLO

  • Type your comment> @jklmnop said:

    John is not helpful, any tips to get user please.

    Cats are helpful. They love playing with hashes

  • Type your comment> @nardin said:
    > Rooted!
    >
    > Initial foothold: too much easy
    > User: don't try to bruteforce the pass, bruteforce the key ;)
    > Root: Simple but tricky... one advice: when you read gtfobins, the most important part is the first line, where it talks about a very small editor.

    And also, don't try to get root with terminal in full screen.
    You'll thank me later :D
  • Root was quite easy if you know how the thing works but I don't get the full screen reference, maybe I did it in a different way.
    User was a bit tricky at first because I was barking at the wrong tree, but than I knew that something was there, so I followed the white rabbit to get there. Also I didn't use the creds, so there must be two ways in. Let's have a look.

    Overall I enjoyed the box. Thank you @jkr

  • Rooted!

    In my opition this machine is so CTF =/
    But I learned much with this machine!

    Thank you @w4x and @cha63!

    Hack The Box

  • Type your comment> @joshibeast said:

    Type your comment> @nardin said:

    Rooted!

    Initial foothold: too much easy
    User: don't try to bruteforce the pass, bruteforce the key ;)
    Root: Simple but tricky... one advice: when you read gtfobins, the most important part is the first line, where it talks about a very small editor.

    And also, don't try to get root with terminal in full screen.
    You'll thank me later :D

    wtf, thanks

  • Rooted :D

    Hints:-
    User : Enumerate, Read code,get the file and you know what to do with it :)
    And stay away from rabbit holes :P dont get excited after cracking a credential :P
    Root: GTFOBINS, Read manual and well somethings work when things are smaller.

    Everything is right in front of you,open folders,read codes.

    Arrexel

  • There is an issue with the box and p80 right? @jkr said so in a tweet upon release. Am I correct or are we looking for something else?

    Huejash0le

  • Rooted. Thanks @jkr for the fun box. I was way overthinking the root method - I knew exactly what to do but I apparently like my space too much :)

  • Type your comment> @jklmnop said:

    John is not helpful, any tips to get user please.

    if the creds dont work on ssh, there is another option. you should find something in a folder where you can not see anything. maybe the config could help you out?

    0byte

  • @bertalting said:
    Can anyone confirm if i should look at cron jobs to get user ?

    no cronjobs..

    0byte

  • edited November 2019

    Howdy all, I have the password for user d, I've read n...f and I looked at the docs and found something interesting. I'm in /h...s and getting a Permission denied error for what I'm trying to touch. Any tips?

    Discord: Ursa#1337

  • Spoiler Removed

  • Quite straightforward step by step. Thanks. Still took me 2h, spent way too much time enumerating on initial shell. Got initial shell in like 1min. then spent like an hour and a half before i read the whole file with thought. Then it was just doing.

    Blaudoom

  • edited November 2019

    omg port 80 closed on VIP 15. Please fix, Thank you!

    Edit: spent like an hour trying to find an SSH exploit. Lol FYI port 80 is not supposed to be closed.

    Huejash0le

Sign In to comment.