Hint for Sunday

I have user but … just wondering if I could make it alone without “being helped” by others. Those who are already in understand what I mean.

Somebody left me a gift on Sunday. I got root flag before having the user one. First time on HTB.

@B0rN2R00T said:
anyone to talk bout priv esc part.?
I found something on priv esc but it’s not working.

sure. I’m in there - but not root yet

anybody willing to talk about getting user?
managed to enumerate and find some users but not sure how to carry on

@0c3r said:
anybody willing to talk about getting user?
managed to enumerate and find some users but not sure how to carry on
I am on the same spot. Found a few users. now i am not sure what the next step is.
I may have lost something on my nmap scans though

@0c3r said:
anybody willing to talk about getting user?
managed to enumerate and find some users but not sure how to carry on

@w31rd0 said:

@0c3r said:
anybody willing to talk about getting user?
managed to enumerate and find some users but not sure how to carry on
I am on the same spot. Found a few users. now i am not sure what the next step is.
I may have lost something on my nmap scans though

Go back to your nmap, look for a point of access and the try some obvious guess work.

@The0Xypher said:

@0c3r said:
anybody willing to talk about getting user?
managed to enumerate and find some users but not sure how to carry on

@w31rd0 said:

@0c3r said:
anybody willing to talk about getting user?
managed to enumerate and find some users but not sure how to carry on
I am on the same spot. Found a few users. now i am not sure what the next step is.
I may have lost something on my nmap scans though

Go back to your nmap, look for a point of access and the try some obvious guess work.

i have detected a point of access. but I left it aside as i felt i am missing the clues to use it.
you are implying that random guessing is required? or i need to enumerate more to get a hint?

@The0Xypher said:

@0c3r said:
anybody willing to talk about getting user?
managed to enumerate and find some users but not sure how to carry on

@w31rd0 said:

@0c3r said:
anybody willing to talk about getting user?
managed to enumerate and find some users but not sure how to carry on
I am on the same spot. Found a few users. now i am not sure what the next step is.
I may have lost something on my nmap scans though

Go back to your nmap, look for a point of access and the try some obvious guess work.

First step is indeed obvious, but now I’m trying to find something what will give me user and really cannot find anything. On 20p machine it should rather be something really simple.

@macw141 said:

@The0Xypher said:

@0c3r said:
anybody willing to talk about getting user?
managed to enumerate and find some users but not sure how to carry on

@w31rd0 said:

@0c3r said:
anybody willing to talk about getting user?
managed to enumerate and find some users but not sure how to carry on
I am on the same spot. Found a few users. now i am not sure what the next step is.
I may have lost something on my nmap scans though

Go back to your nmap, look for a point of access and the try some obvious guess work.

First step is indeed obvious, but now I’m trying to find something what will give me user and really cannot find anything. On 20p machine it should rather be something really simple.

By user I mean flag. I can login

@w31rd0 said:

@The0Xypher said:

@0c3r said:
anybody willing to talk about getting user?
managed to enumerate and find some users but not sure how to carry on

@w31rd0 said:

@0c3r said:
anybody willing to talk about getting user?
managed to enumerate and find some users but not sure how to carry on
I am on the same spot. Found a few users. now i am not sure what the next step is.
I may have lost something on my nmap scans though

Go back to your nmap, look for a point of access and the try some obvious guess work.

i have detected a point of access. but I left it aside as i felt i am missing the clues to use it.
you are implying that random guessing is required? or i need to enumerate more to get a hint?

Well I got into the box using some educated guessing. If you’ve seen any of ippsec’s videos on youtube, just do what he does. Go for some obvious guess. The entry to the box is similar to Valentine in the sense what you need is practically in front of you.

Anyone have any hints for priv esc? I dont see anything except a troll.

@The0Xypher said:

@w31rd0 said:

@The0Xypher said:

@0c3r said:
anybody willing to talk about getting user?
managed to enumerate and find some users but not sure how to carry on

@w31rd0 said:

@0c3r said:
anybody willing to talk about getting user?
managed to enumerate and find some users but not sure how to carry on
I am on the same spot. Found a few users. now i am not sure what the next step is.
I may have lost something on my nmap scans though

Go back to your nmap, look for a point of access and the try some obvious guess work.

i have detected a point of access. but I left it aside as i felt i am missing the clues to use it.
you are implying that random guessing is required? or i need to enumerate more to get a hint?

Well I got into the box using some educated guessing. If you’ve seen any of ippsec’s videos on youtube, just do what he does. Go for some obvious guess. The entry to the box is similar to Valentine in the sense what you need is practically in front of you.

This part I have (can login but still no access to the user flag), but no clue so far what to do next what amazes me, because this is 20p box.

@The0Xypher said:

@w31rd0 said:

@The0Xypher said:

@0c3r said:
anybody willing to talk about getting user?
managed to enumerate and find some users but not sure how to carry on

@w31rd0 said:

@0c3r said:
anybody willing to talk about getting user?
managed to enumerate and find some users but not sure how to carry on
I am on the same spot. Found a few users. now i am not sure what the next step is.
I may have lost something on my nmap scans though

Go back to your nmap, look for a point of access and the try some obvious guess work.

i have detected a point of access. but I left it aside as i felt i am missing the clues to use it.
you are implying that random guessing is required? or i need to enumerate more to get a hint?

Well I got into the box using some educated guessing. If you’ve seen any of ippsec’s videos on youtube, just do what he does. Go for some obvious guess. The entry to the box is similar to Valentine in the sense what you need is practically in front of you.

Ok i feel so dump, i thought i had tried that combination more than once.
i managed to log in after all. cheers

cool box

@macw141 said:

@The0Xypher said:

@w31rd0 said:

@The0Xypher said:

@0c3r said:
anybody willing to talk about getting user?
managed to enumerate and find some users but not sure how to carry on

@w31rd0 said:

@0c3r said:
anybody willing to talk about getting user?
managed to enumerate and find some users but not sure how to carry on
I am on the same spot. Found a few users. now i am not sure what the next step is.
I may have lost something on my nmap scans though

Go back to your nmap, look for a point of access and the try some obvious guess work.

i have detected a point of access. but I left it aside as i felt i am missing the clues to use it.
you are implying that random guessing is required? or i need to enumerate more to get a hint?

Well I got into the box using some educated guessing. If you’ve seen any of ippsec’s videos on youtube, just do what he does. Go for some obvious guess. The entry to the box is similar to Valentine in the sense what you need is practically in front of you.

This part I have (can login but still no access to the user flag), but no clue so far what to do next what amazes me, because this is 20p box.

Same for me although I havent had time to really look into it yet. Gunna take a look myself in a bit.

@w31rd0 said:

@The0Xypher said:

@w31rd0 said:

@The0Xypher said:

@0c3r said:
anybody willing to talk about getting user?
managed to enumerate and find some users but not sure how to carry on

@w31rd0 said:

@0c3r said:
anybody willing to talk about getting user?
managed to enumerate and find some users but not sure how to carry on
I am on the same spot. Found a few users. now i am not sure what the next step is.
I may have lost something on my nmap scans though

Go back to your nmap, look for a point of access and the try some obvious guess work.

i have detected a point of access. but I left it aside as i felt i am missing the clues to use it.
you are implying that random guessing is required? or i need to enumerate more to get a hint?

Well I got into the box using some educated guessing. If you’ve seen any of ippsec’s videos on youtube, just do what he does. Go for some obvious guess. The entry to the box is similar to Valentine in the sense what you need is practically in front of you.

Ok i feel so dump, i thought i had tried that combination more than once.
i managed to log in after all. cheers

no problem bro

I think i found the way in to the box but yet did not get access to it can someone PM me on it.

So I logged in as a user and cant seem to find how to access the user.txt as it is owned by Spoiler Removed - Arrexel. Can anyone PM me a hint on how to view the file or Priv escalation? Respect will be given

@lambda1776 said:
So I logged in as a user and cant seem to find how to access the user.txt as it is owned by Spoiler Removed - Arrexel. Can anyone PM me a hint on how to view the file or Priv escalation? Respect will be given

enumerate manually :wink:

@S4ck said:

@lambda1776 said:
So I logged in as a user and cant seem to find how to access the user.txt as it is owned by sammy. Can anyone PM me a hint on how to view the file or Priv escalation? Respect will be given

enumerate manually :wink:

I believe i did, i saw a interesting troll and thought it might have something to do with it but maybe im wrong. And i didnt see anything particularly interesting during the rest of the enumeration. Am i missing something?
I am looking to improve my enumeration so tips or resources would help.