Postman

I should be able to connect (found the i*.b* file and used some tools on it) but when I connect I receive a connection closed by host on port 2*. I’m fairly sure this should work. Anyone knows what I can do?

Type your comment> @Kimble said:

I should be able to connect (found the i*.b* file and used some tools on it) but when I connect I receive a connection closed by host on port 2*. I’m fairly sure this should work. Anyone knows what I can do?

Yes, I know. Check the content of sd_c*** on the host.

Type your comment> @bumika said:

Type your comment> @Kimble said:

I should be able to connect (found the i*.b* file and used some tools on it) but when I connect I receive a connection closed by host on port 2*. I’m fairly sure this should work. Anyone knows what I can do?

Yes, I know. Check the content of sd_c*** on the host.

Got it, thanks!

got it

Spoiler Removed

anyone else having the system.exec error when choosing interactive shell?

¿How can I make the r**** exploit to work if there is no command module… or load???

Got it! Thank very much to @Aireply for help!
Rlly nice and very sympathetic man :slight_smile:

I’m a bit confused and stuck on getting the initial foothold. From reading the messages, I’ve gathered that I need to manually edit an exploit script to make it work. Should I be looking at the r****_u*****_e*** and using that?

fearlessmcp
December 1 edited December 1 Report Spoiler
i found ik and i decrypt it and i got c8.Then I used it to login user @M*** but it say Connection closed by 10.10.10.160 port 22

Type your comment> @bumika said:

Type your comment> @Kimble said:

I should be able to connect (found the i*.b* file and used some tools on it) but when I connect I receive a connection closed by host on port 2*. I’m fairly sure this should work. Anyone knows what I can do?

Yes, I know. Check the content of sd_c*** on the host.

This is where I am except I am not getting the hints. Not sure why I’d have to change my own personal config for this.

Please pm me or post!

@lowtoe said:
fearlessmcp
December 1 edited December 1 Report Spoiler
i found ik and i decrypt it and i got c8.Then I used it to login user @M*** but it say Connection closed by 10.10.10.160 port 22

Type your comment> @bumika said:

(Quote)
This is where I am except I am not getting the hints. Not sure why I’d have to change my own personal config for this.

Please pm me or post!

No change is needed. It shows why the connection is closed immediately. Host = Postman

hmm. wouldn’t I need to see M***'s conf file to see why it wasn’t working then? Still requiring some guidance here :confused:

nvm got user… just had to sling those creds somewhere else

Type your comment> @lowtoe said:

hmm. wouldn’t I need to see M***'s conf file to see why it wasn’t working then? Still requiring some guidance here :confused:

Just send me a PM.

I think I have the right solution to get a shell, but it won’t work. Is there anyone who can mentor me to a solution?

Can I give someone a quick PM on this? I’ve currently gotten user, I’m just having an issue with something else and would like to know what’s what.

Thanks!

Finally got it rooted thanks to @bumika
I’d been struggling with initial foothold for a couple of days, and once past that it was “easy enough”.

I’m still a beginner at this, and i learned a lot. I learned how to exploit different things, but also to trust my instincts, and most importantly to try harder :slight_smile:

Type your comment> @mrbudgie said:

Can I give someone a quick PM on this? I’ve currently gotten user, I’m just having an issue with something else and would like to know what’s what.

Thanks!

Nevermind, figured it out and got root!

I am new to Hack the Box. I have tried to use the exploit described in Kali Linux an Ethical Hacker’s Cookbook and I have been unsuccessful. I also tried to use to some of the exploits in Metasploit. I would appreciate any tips. Thank you in Advance.

Could someone help me out what to use for srv***t address i’m stuck there

Type your comment> @ELMARRO said:

I am new to Hack the Box. I have tried to use the exploit described in Kali Linux an Ethical Hacker’s Cookbook and I have been unsuccessful. I also tried to use to some of the exploits in Metasploit. I would appreciate any tips. Thank you in Advance.

I tried to use an MSF exploit too, which indeed didnt work. So i tried to debug it and see what commands it ran exactly. I then manually reproduced it. By that point you end up running manual/experimental commands on a relativemy unknown protocol… which should lead you to be curious about what else is possible within that framework. Bottom line: metasploit is just a starter but not the solution.