OpenAdmin

Type your comment> @t4felkre1de said:

Type your comment> @dr0ctag0n said:

Type your comment> @up2nogood said:

Can anyone help with the gtbin… i can’t seem to get anything to work without jo* password

find the password then :smiley:

there are ways to get it from what you should already have

I’m also stuck there, can’t find the password

there are tools to brute force it. it also gives a hint when you get the proper output. try creating a custom selective wordlist to brute force rather than huge ones.

Many people struggling i see, for a little respect i will nudge you further :slight_smile:

I have made initial foothold and got shell for www-data. Trying to get user1 & user2 flag, i found obfuscated code within another format file. Is that a rabbit hole? Any pm for help would be appreciated. Also, because I fairly new to HTB, is it normal for files to disappear on every reset? How reset is working? Is there any way to keep the files I have created in order to acquire the flags remaining?

Thanks for any help.
Sorry for TMI, first time posting here.

@dmw0ng

Thanks, I enjoyd this box :slight_smile:

OK so remember to not be stupid and typo your arguments for a certain program when you need to use it. That’s what tripped me up. I’m also pretty sure that I did it the right way but only time will tell once the machine’s retired.

I had a lot of fun with this box. Dry January depression is in full swing and I needed some kind of win/success today. I started working on this box at 235PM and finished it at 427PM, and I suck at this stuff. Yes, its a pretty easy box, but it reinforces all the skills and abilities you need to work on harder boxes. Very real world imo, because most sysadmins are this lazy and inept, haha.

Foothold: Enum the box, dirb wont tell you everything but its a COMMON starting place. Once you find the goodies, find the exploit with your good friend Mr G. The exploit code will need you to either edit it, or think about the argument youre feeding it. Understand the exploit before you use it.

Foothold > User1: Search through all the files you can with the current account and hunt for some creds. You should be able to stay within the VARious boundaries to find what youre looking for. Use the creds asymmetrically, while considering the aforementioned laziness/ineptitude of most sysadmins/webdevs.

User1 > User2: Look at whats running on the box. Think about the directory structure, and search through it. Youll find a nifty site that you might be able to get to from localhost, there are a few tools/methods for doing this. After succeeding, just remember that ROCKs are YOUr friend. (Took <4min to get what i needed on my slow af laptop)

User2> Root: Do you know what User2 can do? Are they SUperman? GTFO, or ill throw you in the trash BIN. (its literally the first one, if you know how to search right)

Hit me up if you need help (dont forget about the stars :stuck_out_tongue: ).

If this is too spoiler’tastic, lemme know and ill delete/edit it.

deleted

Pretty cool box indeed. Made me think outside the box to get root; I was overthinking it but not as complex. Definitely liked it. For the user flag…once you get in, do a ton of enumeration of what you can access.

Im Uber new and kinda stuck right now. Would anyone be willing to help me out? Not looking for handouts but perhaps a tete-a-tete I have been working on this box likely a lot longer than I should lol. Any help and guidance is appreciated!

Definitely a fun box! I overthought it during some steps for sure but kept at it and everything was straight forward as soon as I decided I was going to use my brain. Can say I learned a good bit from it which is awesome.

Initial Foothold: Its all over google, play with it a bit and see what it gives you
USER1: others have given good hints. however just enumerate and you will find what your looking for. probably the most painful part because of the “shell”
USER2 : This is the part I overthought hardcore. I missed one very important thing. But Played with some basic networking commands to see what was running and it stuck out.
ROOT : find a file, GTFO

Rooted :smiley:
Nice box. Finally I enjoy a box here! Now I am very motivated, thanks to the creator for this box, it helps me a lot to put in practice some IppSec and s4vitar teachings.

Need help editing the script for the 47**1RCE

It took me a long time to find the RCE for initial foothold but once I got some traction the whole box was really linear and quick. Great box for beginners and a fun one. Loved the classic bash.org reference. Thank you for a fun box!

PM me for nudges if you are stuck :wink:

Rooted this one last weekend, fun little box!
Took a while to get the user but that was mostly due to the slow connection, once the traffic cleared up things went pretty smoothly.

Taking ssh access with user is not enough? Where do i find the user1.txt hash flag?

Rooted. thx for user2 hint @seke :slight_smile:
Good box for learning thanks to the maker :slight_smile:

rooted, nice basic machine

root@openadmin:~# id;hostname;date
uid=0(root) gid=0(root) groups=0(root)
openadmin
Tue Jan  7 10:44:45 UTC 2020

Initial was very fast. Box name is big hint
User1: Took time to understand where to use my founds. Some rabbit hole took time
User2: Don’t fallow what do you see. Maybe some found the right password, but I used different way.
Root: Very common root. There is no possible to give root hint without spoilers

got user and root after hours of being stuck on little things. feel free to pm me for help (no spoilers).

I am able to get command execution using 4****.sh but unable to get any reverse shell commands to work. Any help would be appreciated.