Json

Hi, finally rooted this machine.
If someone used the “vegetable” to priv, can explain me why? I found another way. But I can understand when I can use the “vegetable”.

If you need help, p.m. for hints.

Hack The Box Hack The Box

I got the user.
I’m trying to decrypt fz* pass. I tried with many wordlist but still don’t get anything out of it. What am I missing?

EDIT:
Rooted with veggies in the end!

I can’t to figure out how to compile and use ys*******.n** . Anyone willing to help me out… :slight_smile: DM me please…

Type your comment> @Hav0k said:

I can’t to figure out how to compile and use ys*******.n** . Anyone willing to help me out… :slight_smile: DM me please…

Many tools use ViSual displays for their code and its easier with a studio to work in

*I should mention this is as far as I have gone

Type your comment> @zeroes said:

Type your comment> @Hav0k said:

I can’t to figure out how to compile and use ys*******.n** . Anyone willing to help me out… :slight_smile: DM me please…

Many tools use ViSual displays for their code and its easier with a studio to work in

*I should mention this is as far as I have gone

Usually on github there is a release tab which has taken cared of this for you already. :slight_smile:

Thank you @acidbat and @zeroes

Type your comment> @acidbat said:

Usually on github there is a release tab which has taken cared of this for you already. :slight_smile:

TIL

Anyone who can DM me quickly to help out with the user, I have a lot of directions explored but not much JSON experience, just need a general ‘go that way’ pointer.

Anyone who can DM me for user I have no clue about Json I want general information to start

I got these two error
HTTP/1.1 415 Unsupported Media Type
HTTP/1.1 500 Internal Server Error
any nudge
is there any tools can I use it ?

I found the vulnerability but I don’t know how can I execute it any hint please DM me

Quite new at all of this i have managed to i think get user, but dont know where to go from there. Please DM me if anyone would care to help

thanks v1p3r0u5 for this box I learned so many thing about this vuln , ysoserial tools and powershell encode and decode but still work on it until I get it

can I have nudges for this box. I have been working in this box for 5 days

can anyone give me any pointers on how to use ysoserial here? went through the whole payload list with both b* and c* headers and still got squat…

Type your comment> @drdsol92 said:

can anyone give me any pointers on how to use ysoserial here? went through the whole payload list with both b* and c* headers and still got squat…

Pm me and Let me know what you tried…

finally I got root flag I learned a lot thanks v1p3r0u5 for this box

Can anyone assist with initial foothold? have to admit i’m quite lost here at the beginning

Can anyone help me with the initial foothold please?

No idea what to do here…
Looked through few .js files, but didnt spot anything irregular.

any assistance getting user would be helpful. tried smb and smb2 exploits with no luck