Mango

1151618202123

Comments

  • edited February 2
    Got root. Nice box - thanks to the creator.

    I got the password using cURL, BASH and intruder. I was not able to make the mentioned py script work for me. If someone will share their py script I would appreciate it very much.

    I found the initial foothold difficult but learned new things on the way. PM me if you need help. Even thou I think reading this trend trough a couple of times should provide all help that is needed.
  • this is beating me up bad!

    Hack The Box

  • Can someone please PM me a nudge for foothold

  • @elpastor said:

    Breaking down and asking for a nudge, kick or push for Mango. Trying to get user credentials and stuck. Thanks

    Assuming you've got something to attack, it is a bit painful. The best suggestion I can make is to search for the database technology you are looking at and the words password extraction. You should find a blog post which helps build the attack script you need.

  • Rooted. Super cool box, I learned so much at every step, props to the creator.

  • edited February 3

    For anyone having problems using some p****n scripts they found to crack the login page:

    1. Those are proof-of-concept scripts. They are built for one specific server, which uses a different type of login page. Look at the browser or burp to see what the login request has to look like and change accordingly.
    2. The scripts are not build for realistic environments; this box is realistic enough to force you to improve the found script quite a bit.

    Don't just execute the scripts, understand them and build a better one.

    PS: Pls remove if considered too spoilery

    Hack The Box

  • Rooted ! Anyone available to enlighten me on how did you harvest the username ? I sort of guessed the username...

    IamKsNoob

  • Type your comment> @IamKsNoob said:

    Rooted ! Anyone available to enlighten me on how did you harvest the username ? I sort of guessed the username...

    You can harvest usernames in the same way as you harvest passwords. Just use a wildcard for the password.

  • rooted ! really similar of the SamboxV3 chall on root-me. Nice box tho

  • edited February 3

    I was able to harvest 2 usernames and 2 passwords with the modified python script, but neither seems to work...is it possible that the passwords contain special characters?

    EDIT: rooted. Answered my own question :smile:

  • Great box and I learned a ton. PM for nudges and include what you have done so far.

  • Stuck at finding the login page. Tried a lot of suggestions but lost where to continue looking.
    Would love a nudge! :D

  • @aladante said:

    Stuck at finding the login page. Tried a lot of suggestions but lost where to continue looking.
    Would love a nudge! :D

    Investigate the certificate.

  • The a*******s page is showing a codepen error :
    Current key is only applicable for *.codepen.io.
    Read more info about this error
    You are trying to use the following key: XXX-XXX-...
    Is it important or it hinders the challenge ?

  • Rooted, nice the user part, python helped me a lot to harvest users name and passwords.
    About the root, I got the flag without the root shell, if somebody got the shell can PM me?
    I don't understand why my command didn't work.
    thanks.

  • Really struggled with this one. Foothold was not easy.

    Rooted. PM me if you need help.

    Thanks @MrR3boot , awesome box.

    brains

  • Literally have no clue in what to do.

    Im in the login page, and im guessing that i need to inject, but nothing seems to work. Any advice?

  • found login page finally! this is so different to what ive been used to that i am very stuck, is there any kind person on here that would be willing to take me under your wing and help me out?

    Hack The Box

  • @kindominic said:

    Literally have no clue in what to do.

    Im in the login page, and im guessing that i need to inject, but nothing seems to work. Any advice?

    @Gizmet said:

    found login page finally! this is so different to what ive been used to that i am very stuck, is there any kind person on here that would be willing to take me under your wing and help me out?

    This step can be a bit painful. I never ended up with a fast script (or a pretty one), but if you google the DB name and password extraction, you might find an article which helps.

  • ok, got an under construction page.. where next lol

    Hack The Box

  • @Gizmet said:

    ok, got an under construction page.. where next lol

    I dont recall that, but if you haven't already done so, check the certificate.

  • edited February 7

    Great box. Thanks @mRr3b00t.

    Getting the foothold took a good 5 days. At least two of those days were spent crying with mango juice stinging my eyes! Then I realized I had to go away and learn a new skill, and I also learned that there are only really two main types of fruit I needed to worry about (hint).

    User and root were a fairly quick affair using tricks already learned from the other beginner machines.

    Looking through my notes on this box, the information that forms the path is definitely all on the box. No guessing needed at all.

    The main takeaway for me would be to never underestimate the power of a good sleep.

    Feel free to PM me for hints. I won't tell you the answers, but I will help you get there.

    If I helped you, feel free to respect+. This is the way. I have spoken.

  • edited February 8

    Got stuck on the "maintenance" page. Can someone give some hints?

    Edit: finally I got both users too.

    1.) to get user => enumeration
    2.) to get root => enumeration + gtfo

  • edited February 8

    PSA for whoever gets the root flag by sending it to their own vm/computer: make sure to rm the . *** .his *** y file!
    I stumbled upon someone's OVPN IP in said file earlier while looking through USER's home directory for ways to get to root.

  • User: think outside of the box, dirb and gobuster can help you to find the URL, but actually you don't need neither of them, the link is exactly in front of your eyes, just enumerate the page you see.
    After finding the login page, find out what kind of database mango is using. search for privilege escalation for that service on google.

    Root:
    Not a big deal, GTFobins is your friend.

    Great box, Thank You @MrR3boot

  • Just completed both user and root a few minutes ago thanks to the great assist from @Merlin01000101 . Great nudge that didn't ruin anything and allowed me to still solve. I'll echo most everyone else and say that once you have the initial foothold, this was pretty easy....but that first part...ugh...not easy for me.

  • Hi Guys

    I'm a bit stuck. And could use a little help.

    What do I already have:
    1. Login page
    2. An attack vector candidate.

    But I don't get any confirmation that I'm on the right track. So it could also be that I am completely wrong.

    Can someone point me in the right direction and possibly even confirm if I am indeed in the right direction?

    Thank you very much in advance.

  • Hi @mrZapp . You are on the right track and what I think you are referring to is called being 'Blind'. Unfortunately, being blind does limit how you can eat that mango, but you can still eat it!

    If I helped you, feel free to respect+. This is the way. I have spoken.

  • Type your comment> @Merlin01000101 said:

    Hi @mrZapp . You are on the right track and what I think you are referring to is called being 'Blind'. Unfortunately, being blind does limit how you can eat that mango, but you can still eat it!

    Hi ,

    Meanwhile found the way to eat the mango.

    Now just automate the eating itself :-)

  • Oh making that extraction script is gonna take some time... at least for me^^

Sign In to comment.