OpenAdmin

1111214161759

Comments

  • edited January 10

    I lack of linux knowledge, I don't know how to LPE to get root.

    EDIT: rooted

  • Type your comment> @TheRamen said:

    Type your comment> @TazWake said:

    In very general terms, make sure it is executable (chmod) and then run filename.sh target

    Thanks.

    I've done this and get....

    [email protected]:~/Desktop# ./4****.sh 10.10.10.170
    ./4****.sh: line 8: $'\r': command not found
    ./4****.sh: line 16: $'\r': command not found
    ./4****.sh: line 18: $'\r': command not found
    ./4****.sh: line 24: syntax error: unexpected end of file

    Edit: I have tried editing the file taking the white space out but can't fix it.

    I had this same error, i just removed all the commments and used the main couple of lines and it worked.

  • edited January 9

    I got j****a's ssh, from sudo -l I am using n**o as sudo but its asking for j****a's password, do I need to look for password or I am doing something wrong ?

    Please drop a pm, Thanks

    RaNa

  • edited January 9

    Hi, that was my issue too but from reading up more on the output of "sudo -l" I realized that it doesn't say that you have sudo privileges to n*o but rather you can sudo n**o to one specific file (shown in the output of sudo -l).

    Try doing that and if it still doesn't work send me a message ^^

  • Rooted :)

    Thanks for @3ken45 for pushing me...

    RaNa

  • Rooted easy machine. I used Metasploit for my initial attack. If anyone used the .sh script to gain attack, please let me know. I'm tried it so many times, still now clear. Thank you

  • Having trouble getting the j****a account access. Would appreciate the nudge. I've checked the i******l directory and found the h***h but no further than that.

  • Got initial shell and read all files but don't know how get user1 password. Any hint?

  • @ErUnix said:

    Got initial shell and read all files but don't know how get user1 password. Any hint?

    Look around. Read interesting files (but ignore the millions of webshells people leave lying around)

  • Type your comment> @TazWake said:

    @ErUnix said:

    Got initial shell and read all files but don't know how get user1 password. Any hint?

    Look around. Read interesting files (but ignore the millions of webshells people leave lying around)

    I know the name of user1 and user2 but dont know how to get access and continue :/

  • @ErUnix said:

    I know the name of user1 and user2 but dont know how to get access and continue :/

    Look around more. You can find the password for user1 if you have a methodological search of the files and folders around where you issue you remote commands.

    Once you get passwords you can SSH in.

  • Got J* password from S**, got to the i*******l dir and looked around. I know there's something running in port 5***6 but cant seem to reach it by any means...tips?

  • guys stop bruteforcing port 22 you are not going to find that password no matter what wordlist u are using please!!!

  • Rooted.Nice box! THX!

    joelblack

  • aaand rooted. wow that was fun, thank you @dmw0ng !
    my hints
    foothold: CVE, straightforward
    user1: enum the hell out of the files on the systems and grab all loot you find in them. never underestimate the power of the bad password habits.
    user2: if you cannot go internal through a door, climb in the window :)
    root: too easy to give any hint, just look for the standard stuff :)

  • edited January 10

    greetings!

    currently stuck on doing some curly things...getting some kind of key which i obviously should not be supposed to see, but dunno what to do with that. anyone got some advice? really appreciate it :)

    edit: rooted! managed to figure it out. seems to be a good one to get the fundamentals

  • Rooted ! Fun but easy box. Feel free to PM if needed

  • Stuck so I got to j****a and now trying to use ***o to get ***t access. It keeps asking for password? I must be missing something can get the GTFO bin file to spawn me a shell but the password prompt stops me from getting what i really need it to do.

  • edited January 9

    Type your comment> @magrene said:

    Stuck so I got to j****a and now trying to use ***o to get ***t access. It keeps asking for password? I must be missing something can get the GTFO bin file to spawn me a shell but the password prompt stops me from getting what i really need it to do.

    There is a command, that shows you what and where exactly you can run with sudo without being prompted for a password.

    Hack The Box

  • Type your comment> @RaNa said:
    > Type your comment> @khalid said:
    >
    > (Quote)
    > Same Here, can some one give a nudge on root user.

    I had the same problem. Tried to figured out why. I dropped a shell through i******l , not through s**. I was in as j****a, got user flag, but s*** -* simple didn’t come back with anything useful for privesc like others were talking about, like G***b**. Once I changed method and logged in with S** creds it worked and saw what others were talking about. After this, easily rooted
    Thx beemo123 for previous help.
  • someone can give me a hint in that curly thing? maybe i don't know the syntax, i tryied the door, even the window, but i can't enter.

  • Type your comment> @Meise said:

    someone can give me a hint in that curly thing? maybe i don't know the syntax, i tryied the door, even the window, but i can't enter.

    I used the command: curl URL

    Hack The Box

  • edited January 9

    Type your comment> @Nebr0s said:

    Type your comment> @Meise said:

    someone can give me a hint in that curly thing? maybe i don't know the syntax, i tryied the door, even the window, but i can't enter.

    I used the command: curl URL

    yeah i use curl+url+port with the creds but it seems not working

    EDIT: im dumb, it works

  • Type your comment> @Meise said:

    Type your comment> @Nebr0s said:

    Type your comment> @Meise said:

    someone can give me a hint in that curly thing? maybe i don't know the syntax, i tryied the door, even the window, but i can't enter.

    I used the command: curl URL

    yeah i use curl+url+port with the creds but it seems not working

    I curled as user1 locally on the target without creds, just curl url.

    Hack The Box

  • for god's sake stop deleting the directory !!!!!!

  • edited January 9

    Spoiler Removed

  • can someone help me, I'm in the index.php folder, what should I do now?, someone could help me, I'm lost, I have ssh j ..... @ 10.10.10.171: $
    can anybody help me ?

  • found priv*** k** in local system via curl but it is not working at all while parsing to ssh and john any nudge?

  • Just finished them machine. This was my first active machine. Put about 8 hours in total into the machine. Along the way I learned a lot and really enjoyed every step. PM me if you have any questions!

  • edited January 9

    Spoiler Removed

Sign In to comment.