Got root.
I think the best tip that I can give to someone - don’t overcomplicate it. It’s simpler than you are thinking it is.
Thanks to @Achille for giving me tip, when I was knocking my head against a wall.
Got root.
I think the best tip that I can give to someone - don’t overcomplicate it. It’s simpler than you are thinking it is.
Thanks to @Achille for giving me tip, when I was knocking my head against a wall.
Deleted
Service is unavailable and max resets reached for the day already, argh. Would someone with root mind giving the initial foothold service a kick please?
I finally got root! A very interesting machine!
r*** was pretty straightforward, but for u***, it took me some time to get it. I didn’t knew that re*** was that dangerous!
If you need a hint, just ping me via PM.
Rooted, definitely scraping the rust off of not doing this for a while lol. If anyone needs help, feel free to msg me!
Got this one last night. To those who say TLS/SSL makes this difficult, the reality is most tools have knobs and dials that let you selectively turn encryption and cert validation on or off.
i got user but after that i tried using wn_p***p_r** on [M] but it only return “Failed to retrieve session cookie” so i’d be very appreciated for any help if im on the right track or not.
edit : nvm forget to SSL :)))
I can’t get a shell!!! I used a modificated script with r*** but all time say me Permission denied in the ssh… I don’t know why.
@eternaln00b said:
I can’t get a shell!!! I used a modificated script with r*** but all time say me Permission denied in the ssh… I don’t know why.
Personally I didn’t use a script, just piped printf with some extra newline formatting surrounding my credentials (before and after, ~4 lines on each side) to the command line interface for r****.
I am new to Hack the Box. I have tried to use the exploit described in Kali Linux an Ethical Hacker’s Cookbook and I have been unsuccessful. I also tried to use to some of the exploits in Metasploit. I would appreciate any tips. Thank you in Advance.
Got User and Root…
Some hints, once you have initial foothold via one service, find the hidden secret in the bakalleys… with that you can accomplish the other tasks via another service.
Fun box, thanks!
Another hint - you don’t need metasploit for a foothold. Just look at the CONFIG for the service you find and then look for ways to manipulate it.
Finally got root.
My tips:
pwnd
Please reset this box , looks like a team has modified the permissions
Rooted
initial: enum and see how the unprotected service can be abused (try kali cookbook)
user: permissions are important while creating backups
root: just run the module (dont forget ssl)
PM if you need hints
Hello
I got the intial shell, tring to get user.
i found a file i*_***.**k, and when i tried to connect to ssh i get :
Connection closed by 10.10.10.160 port 22.
is what im doing wrong, or something wrong with the machine(cant reset it)?