OpenAdmin

@w2connect said:

Yes, j****y; but no user.txt …

You dont have the correct user.

Read through the threads here for hints.

Type your comment> @TazWake said:

@w2connect said:

Yes, j****y; but no user.txt …

You dont have the correct user.

Read through the threads here for hints.

Ok! Many thx! Got stucked searching for it!! :slight_smile:

Finally rooted my second box. I had to rely on some hints posted here, this one was very educational!

Best advice I could give about this box is to try and solve it when there isn’t many players around. At times I saw like 10 people connected with around 20 to 30 terminals open, everyone running enumeration and other stuff… ■■■■ got really laggy, not to mention the resets were so annoying!!

Yes! Finally did my first active machine on HTB!
Feel free to DM me if you need some hints!

Finally rooted.

Foothold: Basic scan for services followed by another basic scan to find something that you can google. Flick around until you find something odd. Hardest part is setting the thing from google up to to work.

User1: Read files near landing site. You don’t need more than ls, cat and cd to find what you need - but using other search tools might speed things up. You can scout out your next targets using the landing user as well.

User2: Find the thing that connects User2 to User1, you may have spotted it in your initial scout for users. Look for that thing to find some interesting files, then find something that will tell you where they are served and call them for a useful output.

Root: Too simple to say without spoilers. A single command should tell you exactly how you can escalate to root.

Feel free to DM me for something a bit less vague.

Rooted! Fun machine, new things are always learned.

Private message if you need help with “OpenAdmin”.

Stuck on root and need a nudge.

Edit: silly mistake in reading output. Got root almost instantly after realizing my mistake. Was a fun experience for first machine on HTB. Thanks to @samdtyler and @TazWake for their assistance.

An easy machine to relax your mind and turn down the frustration levels. Just keep on enumerating and you will get the job done. Pm me for nudges, though I believe everything will already be there in the forum.

Rooted :slight_smile: Thanks to @5c0073r for hints.

Type your comment> @TazWake said:

@wsurfer said:

i did it, also i did change location and same issue

sudo: PERM_ROOT: setresuid(0, -1, -1): Operation not permitted
sudo: unable to initialize policy plugin

Chances are, you are running it from an account not able to run it then.

j******a user i am using.

Hey guys.

I have found the users j**** and j******; and a password n***********! from a low priv shell. I have read many comments for hints but I am unsure as to where to go from here. I have been exploring and reading the files but cant seem to find anything else of use. Any nudges would be greatly appreciated.

Spoiler Removed

Guys can someone help me, I only get shell as j***y but in this point i didn’t find nothing any help please

I’m stuck. I just cracked the hash for user j****a and got the result b******a, but I cant connect via s - Permission denied. Any hints?

edit: just got root, thanks for the tip CuriousJ

Type your comment> @m4r10m4chuc4 said:

Guys can someone help me, I only get shell as j***y but in this point i didn’t find nothing any help please

Enumerate some more. See what this user has in his files and where those files might be used.

Type your comment> @vesuviuz said:

I’m stuck. I just cracked the hash for user j****a and got the result b******a, but I cant connect via s - Permission denied. Any hints?

Pay attention to the command being used to ensure you are sending the credentials.

It was easy, and you can learn that it’s great:

Some hints:

First terminal:
Just looking for a versions, enumerate all that you can

1 user:
you don have to find a user, just a one part of the credentials, it’s inside of o** directory.

2 user:
Enumerate a directory that could modify with your after user, and find something that could be useful to connect it (to get this tool, you need to use curl, it’s no possible check it from your browser), you have to crack something.

root:
Find a possibles commands that you could exect with the last user.

If you have more doubts, send me a message.

So first time trying any box and can’t seem to get past initial foothold. I thought I had enumerated pretty well in and around the place i landed but can’t seem to make any progress.

A nudge in the right direction would be much appreciated.

If someone needs help. DM me

Rooted :slight_smile: