Ok, I don't understand. I found the j**y, now I feel dumb because it's like the init shell xD. Any hint?
Hi guys! This box makes me sweat. I just can’t find a foothold. I used gobuster to find a clue, but it was inconclusive. nmap only shows 80 and 22 ports. I am desperate because I don’t know what to rely on. Give a hint please.
Can anyone help me with getting the very first shell? I don't know what I'm looking for when fuzzing the URL.
I have completed the box, but I would like to know the unintended way to get root if anyone can PM me please. Thank you
I got the www-data level shell but I can't seem to find anything interesting, any help would go a long way. Kindly PM. Thanks.
P.S: I found my**l credentials but can't figure out how to use 'em with RCE
EDIT: Never mind, found who the my**l creds belong to
@h4kr said:
Root was very easy.
User took a fair bit more time because there were a few rabbit holes. There are also a couple of different paths you can take, particularly from user #2 to user #3. Mr John (with a conversion) is one way but there is a much faster shortcut.
I did Mr J first and then post root, went back and did that faster shortcut. I think it was more fun doing it the long way though.
This was one of my favourite boxes. Easy but still gets you thinking how a file is important until you find the thing that puts those two together.
Got the low-priv shell, got the ****l credentials, now reading through the directories in the place I am spawned but can't seem to get any closer to any of the users. Any nudge please?
Nice box, chat me if you need help.
Got User #2, but having trouble getting to User #3. I see people going to the gym and doing curls and enumerating, but I’ve hit a wall. Probably just gonna get a good night’s sleep, but I’m still new at this and would appreciate a PM/nudge. Thanks!
@ArcVael said:
Got User #2, but having trouble getting to User #3. I see people going to the gym and doing curls and enumerating, but I’ve hit a wall. Probably just gonna get a good night’s sleep, but I’m still new at this and would appreciate a PM/nudge. Thanks!
Enumerate some more in the new directories you have access to.
A quick tip:
If you can execute commands for initial foothold, but cannot get a shell, try escaping “-” by using “–” in your command for spawning a shell.
Hope it's not too much…
Rooted!
root@openadmin:~# id
uid=0(root) gid=0(root) groups=0(root)
Fun box, especially for a beginner like me. Thanks to @sChr0D1NGer for the nudge for user#3, as well as everyone else who dropped hints in this thread. My turn…
Initial: Do your homework; I hear Google is great for that. If you’re having trouble searching, switch up your list and walk away for a little while; you may come back to something interesting. Once I had it figured out, I had to take the main part and recreate it; for some reason neither it nor M********t was working for me with this box.
User 2: Don’t stray too far from the landing zone; the answer is closer than you think. You do not need an interactive shell to get where you're going, either.
User 3: I had to ask for help on this one. Keep enumerating, and think inside the box. Also, if you’re creative (read: lazy), you won’t have to ask your friend john for help.
Root: What’s your favorite superpower? Get the fudge out of my bins and tell me!
First time giving feedback/help, please remove if I’ve said too much.
Hi guys, I’m having issues using M*****t to connect to the machine. It completes the exploit but it doesn’t create any session at all. Any hints would be appreciated. Thank you so much!
Rooted!
Would have been much quicker except I forgot to use/reuse things I’d already found.
PM for hints.
Rooted
Nice box!
Good for not forgetting some “basics”
Someone is spamming the box with the root flag…
Spoiler Removed
Been tryna ssh into j***y, every time I do it, the shell fails after about 2 commands.
@ssklash said:
Rooted!
Would have been much quicker except I forgot to use/reuse things I’d already found.
PM for hints.
Agreed, I needed a night's sleep to figure out that I could use what I already had come over 2 hours ago…
Note to self: Don’t do HTB machines when you're tired