Postman

1111214161738

Comments

  • Rooted! A few hints:
    Initial stage:

    Don't overcomplicate it like I did! Remember that it is rated as an easy box. I've wasted a couple of hours trying to fix that "module" thing. Think about what else you can do.

    Root:
    That's an easy one, you will get it if you've done your nmap well.

  • edited November 2019

    [email protected]# cat /root/root.txt
    Wasted a lot of time because someone was changing the user's pass!
    Root was very fast.

    PM me if you need a hint.

    the first priority to the ninja is to win without fighting.

  • It's a nice machine, i've learned about r****, user and root is more simple that you think :-) if ssh not work think different !

  • Nice and simple machine. Enjoyed.
    Somebody wrote earlier that got root before the user. Im wondering how? Perhaps I missed something ... ?

    m4rc1n

  • I am struggling to get past this r****-c** stage, would appreciate a dm if someone can give me a nudge.

    Spknoxy

  • edited November 2019

    None of these exploits works I tried 100 times and NONE of them are working. I get permission denied for the xxx exploit script, and xxxxx command not found , and the script overflow doesn't work. Nothing is working. I also tried to do it manually and nothing worked.

  • edited November 2019

    Hey,
    Found the username M*** and the i****.k file used john and got c*******8. Trying to connect over with ssh likewise the previous ssh connection. but using M*** and its r***. It results in Authentication failed. Is it normal?

    I figured out why I get the Authentication failed.

  • Rooted
    Very interesting machine.

  • Rooted!
    If anybody needs help, p.m. for hints.

    Hack The Box

  • ROOTED
    took 4 hrs ,easy each level is CVE based just search it and some pass cracking.

  • Rooted. Little hints:

    Foothold: Scan harder.
    User: How you get inside? Find a same file.
    Root: CVE

  • Not sure if this should go here, but is there any specific reason why I can't submit the root flag? I got it, but I keep getting an error whenever I try to submit it. Same with the user flag.

  • Type your comment> @AverageDave said:
    > Rooted. Little hints:
    >
    > Foothold: Scan harder.
    > User: How you get inside? Find a same file.
    > Root: CVE

    I scanned all and got it but like I said none of the exploits are working at all. And I tried them all, running scripts and manually like I said.
  • Type your comment> @JuicyyCandy said:

    Not sure if this should go here, but is there any specific reason why I can't submit the root flag? I got it, but I keep getting an error whenever I try to submit it. Same with the user flag.

    You're not putting anything special in are you?...like flag{}?...just pasting the hash?

  • Type your comment> @ByteM3 said:

    Type your comment> @JuicyyCandy said:

    Not sure if this should go here, but is there any specific reason why I can't submit the root flag? I got it, but I keep getting an error whenever I try to submit it. Same with the user flag.

    You're not putting anything special in are you?...like flag{}?...just pasting the hash?

    I wasn't, I was just being an idiot, didn't know I had to choose how difficult I found it.

  • Type your comment> @JuicyyCandy said:

    I wasn't, I was just being an idiot, didn't know I had to choose how difficult I found it.

    =D

  • Rooted!

    PM if you'd like assistance!

  • Rooted - although overall not that difficult, was a good learning experience. Admittedly took me awhile to figure out that my location for r****-c** was wrong, thank you @n1njaaa

    Spknoxy

  • Rooted. Actually another good chance too improve my skills.

    BadRain

  • Just got root!

    If need help you can ask on pm!

    noi

  • edited November 2019

    Can't exploit r***s to login, can somebody dm?

    Exploit completed, but no session was created.
    and
    READONLY You can't write against a read only slave.

  • "Is not enabled" why??

  • I am at root stage. Keep hearing it is easy..is it because people are using metasploit. is there a manual way.

  • hi, i am trying to get the r*s exploit within m running, but it doesnt seem to work. do I need to tinker something to get this working. If yes i would appreciate assistance as I'm new to this. just pls pm me. thx

    zaphoxx

  • Struggling to get a m********* exploit working against w*****... I assume I need to change a path, but my original way of getting in via r**** isn't working.. did something change?

    I could use a hint on root if anyone is around.

  • Hello Guys, I need some help. I can connect to r* and i can upload my id to /v///.

    But every time I try to s* as r* I'm asked something i shouldn't been asked when showing the other part of my id.

  • Rooted. Not sure what was going on, but an exploit I've tried a dozen times suddenly worked...

    Also the r**** exploit started working again... glad to be finished with this finicky box.

  • edited November 2019

    For initial shell: How are you supposed to figure out that user r***s exists on the machine?

  • Type your comment> @Yannis said:

    For initial shell: How are you supposed to figure out that user r***s exists on the machine?

    with limited shell? I know one way but it gives me permission denied ...and possible other way, I'm not sure if it verifies that it exist. If it does exist, with this limit shell, I am unable to get a dir listing or anything to work.

Sign In to comment.