Hey, can someone help me, I crashed, I can’t climb privileges on the machine, can someone give me a hand or any tips?
you mean from user->root? there is no way to give hints without completely spoiling it. enumerate as usual and afterwards you will need gtfobins.
this is the problem, i don’t know how i can enumerate, what are the sensitive files, or where are the passwords, i started now, and i don’t know the way :cc
Hey, can someone help me, I crashed, I can’t climb privileges on the machine, can someone give me a hand or any tips?
you mean from user->root? there is no way to give hints without completely spoiling it. enumerate as usual and afterwards you will need gtfobins.
this is the problem, i don’t know how i can enumerate, what are the sensitive files, or where are the passwords, i started now, and i don’t know the way :cc
search all files on the system for strings that you think would be important to find. ie: user, password, authenticate, usernames, etc
I grabbed user.txt, but I’m struggling to find anything useful since the password I’ve got only gets me into ssh on j****a. Anyone able to point me in a good direction on gtfo? Everything I’ve checked has asked for creds.
Its very hard to do without it being a too-obvious spoiler.
I would suggest checking what your account is allowed to do, possibly by running as a different user, and then searching for ways to exploit that particular command.
Easiest machine that has been released on HTB in quite a while. In truth, I’m thankful – I think it’s very beneficial for the newcomers, even though some of the more seasoned users likely finished this very quickly. Even though I can’t really say I learned anything, I still enjoyed doing this box; it was a nice change of pace for once.
Easiest machine that has been released on HTB in quite a while. In truth, I’m thankful – I think it’s very beneficial for the newcomers, even though some of the more seasoned users likely finished this very quickly. Even though I can’t really say I learned anything, I still enjoyed doing this box; it was a nice change of pace for once.
100% agree. It is nice to get a broader mix of difficulties and effort required.
I enjoyed this box. If I wasn’t rubbish, I’d try to build boxes like this to submit.
Anybody else get an unresponsive $ shell when running the exploit? I took off --silent and it showed this…
$ id
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 397 100 271 100 126 108 50 0:00:02 0:00:02 --:–:-- 159
$
Anybody else get an unresponsive $ shell when running the exploit? I took off --silent and it showed this…
$ id
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 397 100 271 100 126 108 50 0:00:02 0:00:02 --:–:-- 159
$
That could be saying the server is running out of resources but if it’s on Free its probably reset every few minutes anyway.
Also double-check you are providing the correct remote address to the script.
I just got a low privilege shell and then following the tips here I find a user o*****s and a password. But they do not seem to fit in anywhere. Can you guys point me in the right direction?
I just got a low privilege shell and then following the tips here I find a user o*****s and a password. But they do not seem to fit in anywhere. Can you guys point me in the right direction?
Thankyou.
I am not sure what user account you have - it doesn’t look like one I found.
However, if you have the ability to execute remote commands on the server, make sure you fully investigate everything you can see. Start off with files and folders by where you landed before you look into the broader filesystem.
Hello, I am trying to use find / grep to find some password that gives me access to the first user, so far I can’t find anything, am I on the right track? thanks…
I just got a low privilege shell and then following the tips here I find a user o*****s and a password. But they do not seem to fit in anywhere. Can you guys point me in the right direction?
Thankyou.
I am not sure what user account you have - it doesn’t look like one I found.
However, if you have the ability to execute remote commands on the server, make sure you fully investigate everything you can see. Start off with files and folders by where you landed before you look into the broader filesystem.
It was a database user. I think I looked at all the subfolders of the application.