OpenAdmin

@hackmenot said:

I got the private key using curl but i didn’t know how to use it, i also try john to crack it but it didn’t work. feel free to pm me for hint, i think i’m closer to get the root

Google is your friend. If you google what you want John to do here, the answers will be very high on the list.

Basically its a two-step process. You use a tool to turn what you are looking at into John, then John it.

@6062055 said:

@GhostFusion or anyone who knows… I only found ona with hints on here, so how did you find ona? I’ve run a lot of searches with dirb and gobuster, but they never came up with it. Is it a better wordlist, or just Googling for it?

A common wordlist should work in finding the first pages. Then it’s a simple matter of trying the links on those pages.

This box is largely enumeration, no magic tricks needed.

Hi,
I cracked the pass b*n***** using john and when i ssh to ja.The password doesnt work.I tried resetiing too but didnt work.Could someone please help me.
thank you

@d3kum1d0r1y4 said:

Hi,
I cracked the pass b*n***** using john and when i ssh to ja.The password doesnt work.I tried resetiing too but didnt work.Could someone please help me.
thank you

Completely depends on what you mean by the password doesn’t work. You cant log in with it as a username/password combo. Its there to unlock the thing you cracked it off.

Type your comment> @TazWake said:

@d3kum1d0r1y4 said:

Hi,
I cracked the pass b*n***** using john and when i ssh to ja.The password doesnt work.I tried resetiing too but didnt work.Could someone please help me.
thank you

Completely depends on what you mean by the password doesn’t work. You cant log in with it as a username/password combo. Its there to unlock the thing you cracked it off.

I dont understand. Let me clear it i got the user.txt flag using jiy user and later found the ssh private key of joaa and cracked using john and found the pass as bloni*s but when i ssh using that pass it does’nt accept it and says permission denied

@d3kum1d0r1y4 maybe its not her password.
Maybe its a passphrase for something;)

I’d love to work on this box if it would stop hanging and dying every 2 minutes.

Seriously is this a joke from HTB??? Every time I do anything it works for a moment and then the box just hangs for 5 minutes…then I can type one command or view one url and then it hangs again…WTH???

Leaving this before I lose my mind…5 hours and all i’ve managed to do is painfully painfully painfully inch to the initial foothold with the constant hanging.

DM me for help :smile:

Hello, need some help for user2, I think i got everything for -i access but is not working. `

Edit :Rooted yay!, didn’t have everything for the right user, thanks to @01ph0rie for the help.

@d3kum1d0r1y4 said:

Type your comment> @TazWake said:

@d3kum1d0r1y4 said:

Hi,
I cracked the pass b*n***** using john and when i ssh to ja.The password doesnt work.I tried resetiing too but didnt work.Could someone please help me.
thank you

Completely depends on what you mean by the password doesn’t work. You cant log in with it as a username/password combo. Its there to unlock the thing you cracked it off.

I dont understand. Let me clear it i got the user.txt flag using jiy user and later found the ssh private key of joaa and cracked using john and found the pass as bloni*s but when i ssh using that pass it does’nt accept it and says permission denied

You’ve sort of answered your own question there.

If you got the ssh private key, you dont have a login password.

@TazWake OK, gotcha. Yeah, I saw a ton of pages, but never found that link. Oh, well. Thanks.

Type your comment

First attempted box ever since I figured it’d be the easiest currently active. Stuck on www-****. Can’t seem to find anything useful. Would really appreciate some help. PM please

@awarkozak You’re further than I. I have a prompt that literally won’t let me do anything…not even cd /tmp, ls, nada.

Oops, actually, just forgot to try with the /login.php at the end :wink:

@awarkozak said:

First attempted box ever since I figured it’d be the easiest currently active. Stuck on www-****. Can’t seem to find anything useful. Would really appreciate some help. PM please

You need to use a combination of ls and cat around the place you have landed. The information you need to progress is pretty much at your feet there.

Ignore the millions of shells. Look for interesting files and folders which may hold configuration information for a system and then remember people reuse passwords.

@6062055 said:

@awarkozak You’re further than I. I have a prompt that literally won’t let me do anything…not even cd /tmp, ls, nada.

Oops, actually, just forgot to try with the /login.php at the end :wink:

Nice one on resolving that.

If you are using an RCE, dont try to cd - you will get frustrated. RCE is not a shell and you absolutely do not need a shell for this stage.

@TazWake said:
@awarkozak said:

First attempted box ever since I figured it’d be the easiest currently active. Stuck on www-****. Can’t seem to find anything useful. Would really appreciate some help. PM please

You need to use a combination of ls and cat around the place you have landed. The information you need to progress is pretty much at your feet there.

Ignore the millions of shells. Look for interesting files and folders which may hold configuration information for a system and then remember people reuse passwords.

Wow I hate myself. Found the credentials for user1 hours ago but only attempted to login with user2. Thanks for the push, made me retrace my steps. My true newbie colors are shining through at the moment. I’ll get there eventually

can someone give me hint i get the user1 j***y but cannt get the user2 can someone give me hint?

@0xstain said:

can someone give me hint i get the user1 j***y but cannt get the user2 can someone give me hint?

Enumerate your user fully, find out if something groups the two users together. Find things they might both be able to access. Read them, exploit them.

Is the user ji*** supposed to have a user.txt?