Traceback

@uditkapahi said:

Stuck at initial enum, tried searching on various aspects mentioned in the comments OSINT and Google , still no way in.

Did you find the g****b page? If so, search it for the phrase and it takes you to a place where lots of things are stored. You can then create wordlist for these and enumerate for it.

Finally got root. Very interesting machine. My tips:

  • The key is to enumerate everything and don’t over complicate things
  • For initial foothold, check for the hacker and his comment and do some OSINT techniques
  • For user, basic enumeration es enough
  • For root, check for weak permissions on files. It’s always a good idea to check for processes that are running.

Hope no spoilers were given.

Fun box. A balanced challenge for beginners. Thanks @Xh4H!

hi there, i managed to get wan and i also know which commands it can execute (l*t). I have also written a la script to get user.txt but when i run it i get:

sudo: no tty present and no askpass program specified

i am stuck with this from days… could someone help me please??

Hi, I was able to get the root flag, but without being able to actually open a root reverse shell. Could someone that was actually able to do so PM me and explain me how he manage to do it ? Thanks !

Rooted
thanks to @cyberafro for the nudges

Type your comment

This box was so fun! thank you @Xh4H I was hung up on user for awhile. I figured it out but of course it was the silliest reason. Here are my tips:
Foothold: OSINT. When you finally see it, Google has all the answers. You can just walk right in. :slight_smile:
User: it is hard to learn something new. So some of us have to use common sources for help. The syntax is usually similar to something you know. So if it doesn’t work, figure out why, and make it work. You can’t plug and play here. Buuuut almost.
Root: Enumerate. Understand what is going on. You have to be fast or you have to be smart. I chose to be fast. :slight_smile:
You can message me if you would like for nudges. But This one just takes some thinking. No crazy tricks.

Rooted! I have a strange feeling I never triggered my own payloads and that someone else did it for me… found out while racing and then trying to clean up my mess! :smiley:

Rooted.

■■■■■■■!!! I made that way too hard. Finally Rooted. I was on the right path…but made things way to over complicated.

Thanks to WhiskeyBar

Type your comment> @TazWake said:

@uditkapahi said:

Stuck at initial enum, tried searching on various aspects mentioned in the comments OSINT and Google , still no way in.

Did you find the g****b page? If so, search it for the phrase and it takes you to a place where lots of things are stored. You can then create wordlist for these and enumerate for it.

I am still struggling to find right info from the g****b repo page . Found some scripts obfuscated, but it seems that they are of no use.

@uditkapahi said:

I am still struggling to find right info from the g****b repo page . Found some scripts obfuscated, but it seems that they are of no use.

Search for the term on the HTB box index page. Take a list of every file name on the page it takes you to and enumerate them. ISTR there are less than 20 file names to check.

Please stop brute forcing the box.

Man root it killing me on this box. Not really straight forward. I really struggled on this box. Anyone fell like PMing me help with root? I just need to know I’m looking in the right location. I don’t want the answer.

Type your comment> @Chi3f said:

Man root it killing me on this box. Not really straight forward. I really struggled on this box. Anyone fell like PMing me help with root? I just need to know I’m looking in the right location. I don’t want the answer.

find the answer in the process running

Rooted this fun box some time back, PM me if y’all need a nudge or two

pls Don’t reset the box.

Hello , i managed to get the root flag , but due to exsesive resets and machine being laggy , i couldnt get the root password to unlock somewriteups online , can anybody PM me the root password , check my profile for proof. thanks in advance

Stucked on user, how to get to root?