20 minutes to go, looks interesting. Anyone else see this as Linux when it was in "Unreleased"?
GCIH | GCIA
If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments, or on box release night). And remember to +respect me if I helped you ; )
@extincted said:
Think someone have tried to be funny and change the password..
Think more about what you've seen, and what it indicates about the system.
GCIH | GCIA
If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments, or on box release night). And remember to +respect me if I helped you ; )
HI guys, can you please give me a hint on where to go to get user on resolute, I tried searching for exploits on the services that nmap found, but nothing worked.
Thanks
I may have spotted the root vulnerability, could be a rabbit hole
GCIH | GCIA
If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments, or on box release night). And remember to +respect me if I helped you ; )
I have a bunch of usernames but most options require passwords. The only option from I****ct without password returns nothing. Also is 445 a rabbithole for user?
For asking help, please describe what you have tried so far, so i don't spoil too much.
If you believe i was able to help, please provide feedback by giving respect: https://www.hackthebox.eu/home/users/profile/122308
I have a bunch of usernames but most options require passwords. The only option from I****ct without password returns nothing. Also is 445 a rabbithole for user?
I have a bunch of usernames but most options require passwords. The only option from I****ct without password returns nothing. Also is 445 a rabbithole for user?
Check the output from your enumeration process line by line. Since you have the usernames, I guess you probably didn't see it, due to some error messages.
Got into user 2, the hint makes it sound difficult.
Edit: On the edge of root now, interesting vuln.
GCIH | GCIA
If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments, or on box release night). And remember to +respect me if I helped you ; )
Built my root payload, now to get it executed right
GCIH | GCIA
If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments, or on box release night). And remember to +respect me if I helped you ; )
If you guys need nudges, PM me, but please don't come with messages like "Are these credentials valid?" , because I won't respond to these type of questions anymore.
Rooted. Thanks to everyone who helped me push past the problems with root, pretty frustrating but finally got it.
User: Easiest user ever, just read the output carefully
Root: A bit CTF-y but enumerate everything, once you find the folder switch over and find out more about who you are now. Google will then take you the rest of the way.
GCIH | GCIA
If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments, or on box release night). And remember to +respect me if I helped you ; )
Got user pretty quick, I'm thinking that targeting r*** and then taking advantage of his membership in D******n sounds right. Any hints on how to get r*** or (if that's not right) try to move to root?
Comments
Lest go xd
Can't find anything!
profile: https://www.hackthebox.eu/home/users/profile/114435
discord: Celesian#0558
Unable to connect
I found a lot of users.
profile: https://www.hackthebox.eu/home/users/profile/114435
discord: Celesian#0558
Well, that was an easy user pwn
*Spoiler Removed
Think someone have tried to be funny and change the password..
Running for OSCP
Easiest user I've ever done.
Think more about what you've seen, and what it indicates about the system.
If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments, or on box release night). And remember to +respect me if I helped you ; )
edit: solved. removing initial post.
user.txt
so easy
Is ke**********g the way to go?
Type your comment> @Ma1ware said:
No need for that, at least for user
HI guys, can you please give me a hint on where to go to get user on resolute, I tried searching for exploits on the services that nmap found, but nothing worked.
Thanks
I may have spotted the root vulnerability, could be a rabbit hole
If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments, or on box release night). And remember to +respect me if I helped you ; )
I have a bunch of usernames but most options require passwords. The only option from I****ct without password returns nothing. Also is 445 a rabbithole for user?
For asking help, please describe what you have tried so far, so i don't spoil too much.
If you believe i was able to help, please provide feedback by giving respect:
https://www.hackthebox.eu/home/users/profile/122308
Type your comment> @tang0 said:
No. try harder
Type your comment> @tang0 said:
Check the output from your enumeration process line by line. Since you have the usernames, I guess you probably didn't see it, due to some error messages.
Got into user 2, the hint makes it sound difficult.
Edit: On the edge of root now, interesting vuln.
If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments, or on box release night). And remember to +respect me if I helped you ; )
Built my root payload, now to get it executed right
If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments, or on box release night). And remember to +respect me if I helped you ; )
hey guys ! So I got access to rp******* with the creds. But I don't know what to do from here can you please give me a hint?
Thanks
So I have the right creds for the first user, but it's been an hour I search, and I find nothing interesting in the S** shares. Do you have a hint ?
Edit : I'm dumb, I do not did a full scan so I didn't saw the high port.
is r*** needed to get root?
Very nice box, its all about enumeration , and for root a little bit of googling if you are not familiar with technique
Spoiler Removed
root has such a cool exploitation process, just read carefully the blog after you get your root foothold.
I really enjoyed it @egre55 , thank you!
If you guys need nudges, PM me, but please don't come with messages like "Are these credentials valid?" , because I won't respond to these type of questions anymore.
Rooted. Thanks to everyone who helped me push past the problems with root, pretty frustrating but finally got it.
User: Easiest user ever, just read the output carefully
Root: A bit CTF-y but enumerate everything, once you find the folder switch over and find out more about who you are now. Google will then take you the rest of the way.
If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments, or on box release night). And remember to +respect me if I helped you ; )
The root exploit doesn't work for me, i even tried copying the exact same commands other people did and it does not work! wtf man?
profile: https://www.hackthebox.eu/home/users/profile/114435
discord: Celesian#0558
Cool box, I really enjoyed it. Feel free to PM if you're stuck..
https://www.hackthebox.eu/home/users/profile/78568
Probably the easiest box ever. Remember to try harder
Got user pretty quick, I'm thinking that targeting r*** and then taking advantage of his membership in D******n sounds right. Any hints on how to get r*** or (if that's not right) try to move to root?