Hi everyone, I managed to ssh as Joanna, but I’m stuck at finding her sudo password (which is not the same as the RSA password).
Should I brute-force her sudo password (there are scripts to do that)? Or is there another way to find her password? Or maybe I don’t need Joanna’s password at all to get to root?
Hello, did somebody change something on the box, even with the ssh key I cannot ssh into the box, it keeps asking me for a password. Can somebody give any tips
Hello, did somebody change something on the box, even with the ssh key I cannot ssh into the box, it keeps asking me for a password. Can somebody give any tips
Hello, you need the passphrase that protects the private key and/or set restrictive permissions on the file.
User 1: Start by enumerating. You’ll find a means to exploit and get a terminal. From there, look for interesting files…
User 2: Now that you have a real SSH session, you’ll find another interesting file that cats something private when accessed through a particular means…
Root: GTFOBins…
Managed to pop OpenAdmin, although I’m not entirely sure the way I did it was the intended route. I managed to find the encrypted file but couldn’t pop the password and used an alternate route to get root.txt. Would appreciate if someone could enlighten me on getting the PW.
Need some help here… i stuck on getting the cred of second user.
I found the file m***.php and manage to crack the password (sha***) but that is not the password for the second user. I try to run the m***.php with openadmin cli tool (with admin cred) but I still can’t access anything on second user’s directory. I imagine user.txt is inside the second user’s directory but i can’t seem to reach that. please help …
Need some help here… i stuck on getting the cred of second user.
I found the file m***.php and manage to crack the password (sha***) but that is not the password for the second user. I try to run the m***.php with openadmin cli tool (with admin cred) but I still can’t access anything on second user’s directory. I imagine user.txt is inside the second user’s directory but i can’t seem to reach that. please help …
@kalitkd I how found the dir /o** and found the .sh script on google, but since I am very new to both linux and pentesting I am unaware of how to modify said script to point at the correct location.
try scriptname.sh http://ipaddress/path/target - change the details to be what you want to use.
i am just at www-**** shell but how to go forward , please nudge me. I hear people saying enumerate but i cant find anything
This sounds harsh, but either some idiot has messed up the box or you just need to look harder. When you run ls you find files. Are you 100% sure you’ve read every one, in every folder, and not found anything useful?
Hello, did somebody change something on the box, even with the ssh key I cannot ssh into the box, it keeps asking me for a password. Can somebody give any tips
If you are on a free box, it is very possible (even likely) that someone has broken it.
However you need to troubleshoot better. When you say “it” asks for a password is SSH asking for a password (i.e. to unlock the key) or is the remote box asking for a password (i.e the key hasnt worked).
If you spend time to find that out, you can work out a solution.
alright, this was not a particularly difficult box.
Foothold: find the vulnerable service, Google-fu
User 1: it’s right in front of you, don’t over think
User 2: pay attention to what you’re given
Root: Simplest priv esc yet on HTB
Overall a fun box. Quickest own yet for me personally.
Hello, did somebody change something on the box, even with the ssh key I cannot ssh into the box, it keeps asking me for a password. Can somebody give any tips
If you are on a free box, it is very possible (even likely) that someone has broken it.
However you need to troubleshoot better. When you say “it” asks for a password is SSH asking for a password (i.e. to unlock the key) or is the remote box asking for a password (i.e the key hasnt worked).
If you spend time to find that out, you can work out a solution.
I’m sorry, you’re right, I didn’t describe my problem well enough. So my problem was that when I tried to run ssh with the key that I found, it asked for a passphrase, well enough since i cracked the key I knew the passphrase, but after that it still asked me for the user’s password. After about 30 minutes of head banging some voice in my head told me to switch servers, maybe someone messed up the box, and lo and behold, after the switch it immediately worked, thank you for your response