Stuck with the creds on the API, any nudges?
Check out my blog
Always happy to help! But please consider dropping some respect. ^^
I believe both uname and pw are the top 1 on the wordlist.
@0byte, silly me, got it thanks!
Don't really do the forums, but finally rooted this and would like to say thanks to @thek
Really enjoyable, and the user part was a great example of how you can gain a practical understanding of some theory. Root was frustrating but RTFM-able. Really enjoyed it.
Argh, having a hard time cracking the s** key for b***, someone please PM for some nudges.
EDIT: Nvmd, got it, thanks to @Rolesa, missed an important enumeration.
edit: probably spoiler
The machine behaves differently compared with this morning. After issuing a reset it should be in the exact same state, but it is not.
About 1,5h after resetting the machine, the machine allows me to execute the uploaded reverse shell... looks like I missed part of the URL (shell.php?numeric)
edit: got it
Can anybody give me a hint, because I'm stuck on enumeration and I can't find anything people talk about here. Only found api (but no creds), b*******hp and in***
EDIT: got user, but I can't find a way to get a second user. I also found .c*t file, but I don't know how it can help me. Can anybody give me some hints?
Stuck at a point where I am able to s** as b*** and log in to the b* app with the creds I found.
The next step is most likely to get a reverse shell through the app, but not sure how to proceed with it. Nudges are highly valued!
Edit: Moved a step forward, thanks @aho!
oh man finally rooted, PM for nuggets
Finally I got my root shell.
Nice box, user part was pretty straightforward.
Root part is so cool.
Click here for HTB Profile: You are welcome to contact me for a nudge, but if I help you, please consider giving respect.
Allelujah, rooted. After a reset, someone has deleted the root flag, I've searched everywhere.. -_-'
If I helped you, +1 respect please!
Rooted, my first hard box was really fun. Thanks to everyone who helped me! @Rolesa @gorg @aho .
Please, PLEASE don't delete flags next time, I've lost 1 whole day enumerating beyond the intended.
PM for nudges.
I got root.txt but not rooted yet!
I wasn't familiar with r****c but it seems like a really good tool.
Need a nudge towards root - have access as bt user. Found some interesting files in the folder where the bt app is hosted and a c*t file belonging to w-d user (couldn't extract due to invalid format). I see that r****c may be the exploitation path but don't know how to piece all this together. DM please for nudges.
So, rooted finally. My first hard box, what a journey! Had fun with this one. Thank you @thek
I'm not gonna write any tips this time- plenty of help already in this thread. Probably even too much. Nevertheless PM me for nudges if stuck.
Is anyone else having a problem when logging in to the web app - the credentials are right, but it shows an "Uncaught Exception", and cannot continue from there?
EDIT: Never mind, changed the browser, had some issue with cookies.
I'm really stuck on priv-esc, I'm on the webapp dashboard and I've tried everything I can to get revshell/codeexec... but I'm still there. Is there someone who can help me?
Any hint for initial part?
Found .r.h*/v2 but can't find anything interesting, tried enumeration. (have creds)
So, I've got the user b**t but have no idea where to look for root. I've found a hash from .versin file and its salt from the same directory. I've also got a login form in /bot. How should I proceed?
Wheww...rooted...thank you @Kamperr @idomino @3l0nMu5k for the nudges
Thank you for the box.
Both frustrating and rewarding at the same time.
I learned new tricks.
In case anyone is stuck, feel free to PM me, but I think there are enough hints in the thread.
My first hard-rated machine and that looks good for me.
Vector is always obvious, but you need to think and RTFM a lot. (at least that was so for me).
Many thanks to @thek
Learned a lot, was not familiar with any of the software used here lol.
Making my way from newbie to pro
Done. Man, that Re**** was tough..
Puh I got root. Thx to @3l0nMu5k for his help! I learned a lot. Never heard about this software before.
Rooted. User is very easy. Root also is not very hard but nice!