NIbbles

For those struggling with login. Just try stupid things first.
Make sure you reset the box before and write down all combinations you have tried so far.

PE is a piece of cake.

Happy pwning!

in nibbleblog i can not wrote post if i dont make login? its have some way get login without bruitforce?

I found the login page and know the exploit. Please help on the credentials. I tried every “default” still cant get it. I even tried after reseting the box. Please help on the credentials

@d3m0nr007 the username and password both are already spoiled in this conversation thread.
read the entire thing and try to guess what it could it be…its as silly as it could be…!!!

How to get the login page? plz help

@p5yph3r Yeah. I got it. Thanks. Got user.txt. now trying for root. Looking for priv esc techniques.
@stevv I recommend you to look the nibbleblog github for the full dir list of /nibbleblog. You will find it there. and for credentials you dont have to go to anywhere. Its all there.

yeah i got the login page and logged in .
what to do after that?

please give some hint for PRIVESC , as many people said , i tried LinEnum.sh …also the his STUFF “m*****r.sh” does the same…i reconed we can moves that file to id(0) …but not able to execute it from there…
am I in the right direction ???

@p5yph3r said:
please give some hint for PRIVESC , as many people said , i tried LinEnum.sh …also the his STUFF “m*****r.sh” does the same…i reconed we can moves that file to id(0) …but not able to execute it from there…
am I in the right direction ???

Me too. Stuck at right there. Please help on privesc.

@d3m0nr007 lets try it together…

DM me

Got root!

DM me for any hint :slight_smile:

hi I new here and I have two days trying everything and I read all the advice that is easy but remember that when it is easy is that one more complicates someone can guide me to opt for the user and password !!!Help!!!

Spoiler Removed - Arrexel

When I got logged into the admin panel… First word came out of my word was…
“F#ckkkk”…

Sometimes trying something easy is difficult. :stuck_out_tongue:

Feel free to PM me if you need help with this box

“Can’t access tty; job control turned off”

Any help on this issue?

God knows what was happening with that portal as the creds sometimes did/didnt work.

I’ve got the root.txt but not needing a root shell or via ssh.

Did anyone get in via SSH in the end or get a root shell instead of using XXX to run root commands.

This is my first box on HTB. The amount of resets are crazy. I’ve enumed the username and login page pretty easily. Ive tried a ton of default passwords and even obvious things that are on the page itself. I feel like its possible based on the comments here that i may have already entered the correct password but its pretty buggy. Can anyone PM me to help so I can move on from this step

@murp said:
This is my first box on HTB. The amount of resets are crazy. I’ve enumed the username and login page pretty easily. Ive tried a ton of default passwords and even obvious things that are on the page itself. I feel like its possible based on the comments here that i may have already entered the correct password but its pretty buggy. Can anyone PM me to help so I can move on from this step

Feel free to PM me

I see a lot of people are having a hard time getting the login creds.

CeWL is the perfect tool for this! Check it out!