Postman

1111214161738

Comments

  • And there comes a kind of machine which makes you feel good about your skills. I found it pretty straightforward with both user and root.
    There are more than enough hints for this machine here so if you get stuck anywhere on any point refer to them. Enjoy!

    3zCulprit

  • Rooted! A few hints:
    Initial stage:

    Don't overcomplicate it like I did! Remember that it is rated as an easy box. I've wasted a couple of hours trying to fix that "module" thing. Think about what else you can do.

    Root:
    That's an easy one, you will get it if you've done your nmap well.

  • edited November 2019

    [email protected]# cat /root/root.txt
    Wasted a lot of time because someone was changing the user's pass!
    Root was very fast.

    PM me if you need a hint.

    the first priority to the ninja is to win without fighting.

  • It's a nice machine, i've learned about r****, user and root is more simple that you think :-) if ssh not work think different !

  • Nice and simple machine. Enjoyed.
    Somebody wrote earlier that got root before the user. Im wondering how? Perhaps I missed something ... ?

    m4rc1n

  • I am struggling to get past this r****-c** stage, would appreciate a dm if someone can give me a nudge.

    Spknoxy

  • edited November 2019

    None of these exploits works I tried 100 times and NONE of them are working. I get permission denied for the xxx exploit script, and xxxxx command not found , and the script overflow doesn't work. Nothing is working. I also tried to do it manually and nothing worked.

  • edited November 2019

    Hey,
    Found the username M*** and the i****.k file used john and got c*******8. Trying to connect over with ssh likewise the previous ssh connection. but using M*** and its r***. It results in Authentication failed. Is it normal?

    I figured out why I get the Authentication failed.

  • Rooted
    Very interesting machine.

  • Rooted!
    If anybody needs help, p.m. for hints.

    Hack The Box

  • ROOTED
    took 4 hrs ,easy each level is CVE based just search it and some pass cracking.

  • Rooted. Little hints:

    Foothold: Scan harder.
    User: How you get inside? Find a same file.
    Root: CVE

  • Not sure if this should go here, but is there any specific reason why I can't submit the root flag? I got it, but I keep getting an error whenever I try to submit it. Same with the user flag.

  • Type your comment> @AverageDave said:
    > Rooted. Little hints:
    >
    > Foothold: Scan harder.
    > User: How you get inside? Find a same file.
    > Root: CVE

    I scanned all and got it but like I said none of the exploits are working at all. And I tried them all, running scripts and manually like I said.
  • Type your comment> @JuicyyCandy said:

    Not sure if this should go here, but is there any specific reason why I can't submit the root flag? I got it, but I keep getting an error whenever I try to submit it. Same with the user flag.

    You're not putting anything special in are you?...like flag{}?...just pasting the hash?

  • Type your comment> @ByteM3 said:

    Type your comment> @JuicyyCandy said:

    Not sure if this should go here, but is there any specific reason why I can't submit the root flag? I got it, but I keep getting an error whenever I try to submit it. Same with the user flag.

    You're not putting anything special in are you?...like flag{}?...just pasting the hash?

    I wasn't, I was just being an idiot, didn't know I had to choose how difficult I found it.

  • Type your comment> @JuicyyCandy said:

    I wasn't, I was just being an idiot, didn't know I had to choose how difficult I found it.

    =D

  • Rooted!

    PM if you'd like assistance!

  • Rooted - although overall not that difficult, was a good learning experience. Admittedly took me awhile to figure out that my location for r****-c** was wrong, thank you @n1njaaa

    Spknoxy

  • Rooted. Actually another good chance too improve my skills.

  • Just got root!

    If need help you can ask on pm!

    noi

  • edited November 2019

    Can't exploit r***s to login, can somebody dm?

    Exploit completed, but no session was created.
    and
    READONLY You can't write against a read only slave.

    Hack The Box

  • "Is not enabled" why??

  • I am at root stage. Keep hearing it is easy..is it because people are using metasploit. is there a manual way.

  • hi, i am trying to get the r*s exploit within m running, but it doesnt seem to work. do I need to tinker something to get this working. If yes i would appreciate assistance as I'm new to this. just pls pm me. thx

    zaphoxx

  • Struggling to get a m********* exploit working against w*****... I assume I need to change a path, but my original way of getting in via r**** isn't working.. did something change?

    I could use a hint on root if anyone is around.

  • Hello Guys, I need some help. I can connect to r* and i can upload my id to /v///.

    But every time I try to s* as r* I'm asked something i shouldn't been asked when showing the other part of my id.

  • Rooted. Not sure what was going on, but an exploit I've tried a dozen times suddenly worked...

    Also the r**** exploit started working again... glad to be finished with this finicky box.

  • edited November 2019

    For initial shell: How are you supposed to figure out that user r***s exists on the machine?

Sign In to comment.