can anybody help me ? joanna but now I want to be root, where should I look? I have to keep enumerating? or do you have any script to scale privileges?
Find a good guide to Linux enumeration or priv esc. It will tell some things to check. One of these is a common way to issue commands as a priv user on Linux.
Then have a look what the account you have can do.
(Quote)
But root first blood was taken in 11 minutes, there has to be a way regardless the resets
Root after user is pretty straightforward. I imagine 11 minute d00d saw something tasty in the initial recon after securing the foothold and hopped on it for the easy win.
It was a nice distraction from FOREST for a little while. There are plenty of hints already all over this forum, so I won’t go repeat them. What I will say, is if you find yourself going around and around in circles then take a break. I made a couple of stupid mistakes in my syntax just because I was tired, and even though I was staring straight at them I didn’t see it.
Never mind “Don’t drink and Root” how about “Don’t HTB and not sleep”
Hi, i’ve got user1 but can’t find a way to user2… I’ve found i******l files but don’t know what to do, i’ve read previous posts that suggest curl but no idea how
Any help would be awesome!! I’ve been stuck for hours
Stuck on getting 2nd user I have j***y ssh creds. I am having an issue getting 2nd user. Can any throw me a nudge. I am not getting the curl hints since I am already within the box.
Please help with root i didn’t find anything even with n**o to escalate priv
you are doing it wrong then. Slow down, read that bin and understand how it actually works. Also carefully read output of s***-l
I was stuck at the same place, got root when I studied and understood that GTFO instead of copy-pasting it
Just rooted. Great box. Thanks to the creator.
The user was quite difficult to get, especially user 2.
My hint for this:
user 1 - do not waste time on long searches, use grep.
user2 - look for the right port.
Root: nothing to say, just GTFOBins
Without spoilers, is there a way someone can show me how to curl the m*.php file using j*'s creds? That’s where I am stuck at the moment. I was curling the http : / / servername / m*.php but it cannot find the url that way. I do have the path, but it doesnt work. I also tried spinning up a web server from within the in*l directory but that doesnt work either.
Without spoilers, is there a way someone can show me how to curl the m*.php file using j*'s creds? That’s where I am stuck at the moment. I was curling the http : / / servername / m*.php but it cannot find the url that way. I do have the path, but it doesnt work. I also tried spinning up a web server from within the in*l directory but that doesnt work either.
You need to find the correct server name and port.
Stuck on getting 2nd user I have j***y ssh creds. I am having an issue getting 2nd user. Can any throw me a nudge. I am not getting the curl hints since I am already within the box.
Enumerate all the things which might group the two users together.
Without spoilers, is there a way someone can show me how to curl the m*.php file using j*'s creds? That’s where I am stuck at the moment. I was curling the http : / / servername / m*.php but it cannot find the url that way. I do have the path, but it doesnt work. I also tried spinning up a web server from within the in*l directory but that doesnt work either.
You need to find the correct server name and port.
This is if I am curling the server that I spin up myself? If so that’d be 8000. unless you mean the regular port 80?
This is if I am curling the server that I spin up myself? If so that’d be 8000. unless you mean the regular port 80?
This is unlikely to work. You need to access where the server is serving the data from. If you are serving it yourself it cant read the files it needs to read because it has your permissions.
This was my first box and I am stoked to say I finally rooted it!!
I have given my respect to everyone whose helped me out with little nudges along the way.
This is fun and exciting and can’t wait to take on more!