Postman

@aaaguirrep said:

Hi, I have accessed the server with the r**** user. I see that the user doesn’t have permission to read the flags. Am I OK or do I need to access with another user? You can write me a DM.

As with ANY HTB machine. If you manage to get access onto the box but can’t access the user.txt file then something more needs to be done.

Majority of the time it is that you need to priv esc somehow to the higher user in order to get the user.txt

Spoiler Removed

I’m currently trying to S** with M***. Got the key from i*_r*bk, but when I enter the passphrase I get a "Connection closed by 10.10.10.160 port 2". But this is supposed to work, right?
Is the box (on EU Free 1) in an invalid state? Is a reset needed?

Can someone with a spare few minutes message me so I can check a few things. Thanks

Does anyone have 5 minutes to help me jump on the train, please? I for sure follow rabbit and mouse holes.

Hi guys. Starting to work on this machine but got stuck at the very beginning. Already found the service I am supposed to exploit to get initial shell, but for it to work I need a username. How do you guys enumerate the usernames?

Many people got root with metasploit, but is there any way to get root without metasploit?
I tried the uname command and exploitdb privilege escalation but it didn’t work.

finally rooted… thx 4 this box, like it. pm me if u need a nudge

@nuxmorpheus01 said:

Hi guys. Starting to work on this machine but got stuck at the very beginning. Already found the service I am supposed to exploit to get initial shell, but for it to work I need a username. How do you guys enumerate the usernames?

Maybe it’s the wrong exploit/service to use? Enumerate more. Maybe you stumble across another service you can exploit.

Yesterday I finally got ROOT. But the strange thing, I got root before user. And judging by the posts here, I seem to be not the only one here.
Really want to know how people got user the intended way.

The initial foothold was really the hardest work on this. First I was trying to exploit the wrong service and then when I found the right one, I realized that I have to learn a lot about it to make it work.
Sadly the exploits on msf didn’t work for me and I couldn’t make them work. So I tried another way. But this was probably not the intended one …
When I finally found a user and password, it didn’t work as I thought it would. And when I used the creds on another exploit, I was suddenly root …

Everything very strange, but all in all I liked the box, because it made me learn about a service I had never heard of before …

@theonemcp said:

@nuxmorpheus01 said:

Hi guys. Starting to work on this machine but got stuck at the very beginning. Already found the service I am supposed to exploit to get initial shell, but for it to work I need a username. How do you guys enumerate the usernames?

Maybe it’s the wrong exploit/service to use? Enumerate more. Maybe you stumble across another service you can exploit.

The service I am trying on is the r***s. I think it is the same one everyone else is using.

I am such a noob, I’ve worked on this for 3 days and I know it’s my first box but I just can’t get a start. I found the services R**** and W***** but have no clue what to do. I used dirbuster, nikto and burp on http but still, I am lost and do not know what I’m looking for. PM me for a nudge please.

First active box rooted. Learned a lot. PM if you need some hints.

Can someone PM me? I’m mega stuck on foothold.

Found R****, but none of the exploits seem to be working. I tried tinkering around with the EDB-options in metasploit, and even alternative exploit methods altogether, but nothing really seems to work here. Just errors / dead-silence galore.

I have a little question. I don’t know if I’m on the right path.

Redis (error) NOAUTH Authentication required.

Currently on low priv shell and found the key. But when I use it, it’s giving me an error: Connection closed on port 22. PM me for nudges please.

Could someone PM me with help on user? The writeups for re** are not working.

Very good machine, takes time to reveal the right ports to attack; for that it’s important to learn from this lesson.

Initial: you need to use your tool but pay attention to what you see; with time you will probably find so many rabbit holes, but keep in mind your goal … creds.

User: this was very surprising, but quick to learn. It’s obvious that even we sometimes forget to delete some older files, remember older, so this is just a step to keep going.

Root: you have everything that you need; these last creds help you with the missing element for your first exploit, and done.

Thanks to creator, great machine, great lessons.

If this results in a spoiler, please remove.

Ok, so this is my second rooted box, thanks for them little hints, people.

Without u I would be stuck forever on just discovering the foothold service, hehe.
Also the search for the manual exploit was a bit of a pain, but hey, I’m a beginner and it was very educative.

Initial: Don’t use automated scripts, u can do it yourself manually, scan a wide range of ports.
Root: Well, I have read the user flag from the root account, so if someone knows how u would get to the user flag before actually owning the root, could u please contact me?
But getting the root account is very easy, u have most probably already seen that exploit when u were searching for the initial foothold. (protip: ssh is not the way)

Thanks for this box.

Is it possible that the root exploit is not working for some reason? I’m getting that the exploit worked but I can’t get a session. I used the correct exploit; I’ve seen people writing about it not working sometimes. Can someone PM me if I’m doing something wrong?