Have reverse shell. Ran enumeration. There are some fishy results, but can’t seem to figure out how to exploit. Looking for a hint. PM please.
PM me if you want a hint
Spoiler Removed - Arrexel
@minhhungvn said:
Spoiler Removed - Arrexel
The github repo is unrelated to the machine, although it does explain how to use it once you find it
Hi. Brand new in HTB and for two days handlling with bashed. Very straightforward to get user.txt /… after that: I got the reverse shell (interactive shell) I did su to an other user … found a script… and after that, I’m getting completely crazy trying to finde the way to gain root. I’m not asking for help… yet … just thinking loudly (and sharing with you). On Sunday Bashed will be removed and I have to hurry up, but I’m very stuck right now. Greetings to all!
Finally I got the root.txt flag, without being root, playing with the scripts we all know. I don’t know exactly why it works getting the flag from there. I some could explain me via PM I would be very gratefull, since my real flag y to learn
Yes!! now I’m root !!! … Sometimes the solution is more like a puzzle than a technical matter (lateral thinking)
but actually I still don’t understand WHY could I retrieve the flag without being root, as I shared in my previous post
I’ve understood why before gaining root I was able to obtain root.txt … the reason is directly related with the way I gained root access later, but wasn’t aware of that at that moment. Now everything is clear
well im new to this whole hacking thing and im having trouble getting a foothold in poison. This is the first box im trying and ive gotten the encoded password, but I cant figure out where to go from here. Feel free to PM me as I know the answer will be “enumerate more”, but I can’t figure out how. Could someone please at least point me in the right direction?
on it as well
I don’t know if what I’m gonna say could be consider spoiler or just a hint, but… since bashed is gonna be disabled soon, let me say you the following
The difficulty here is more a matter of close view than techical (of course one must to have some basic skills) . So the hint is: “Try to figure out why some strange things could be happening” Enjoy!
once you enumerate and discover the way the flag you want is -u some googling back when I did this box had me stumble upon that option with the command and all was well.
Many thanks Kinjo!!! Was blind but now I see…!!!
Hi everybody, I would like a little push on PM. I think I am quite close, but since I am new to the privilege esc I am stuck. Would be nice to tell someone what I have done till now and how to proceed.
Cheers!
An other hint: “Review concepts like ownership and permissions”
Now that it is retired I can’t wait to read the write-up.
Got the user.txt but I couldn’t get the root.txt.
It was my first machine, though!
@HASLima said:
Now that it is retired I can’t wait to read the write-up.
Got the user.txt but I couldn’t get the root.txt.
It was my first machine, though!
also you can see the ippsec video on youtube
the machine was retired and my points too, why? is it normal?
@K43P said:
the machine was retired and my points too, why? is it normal?
yeah, when machine retires, points retire to