Traceback

All the hints for foothold are very cool, but!
Git repository where you’ll find the list of shells IS NOT THE AUTHOR’S
Cause he has just the same repo, but other shells, stuck on it for soooo long lol

after editing the a*********_***s and I try to login, it doesn’t accept it. I make sure that the the file is how I left it but nothing happens. Any hints? I also tried to run a lua script but didn’t work

@AgentWhite said:

after editing the a*********_***s and I try to login, it doesn’t accept it. I make sure that the the file is how I left it but nothing happens. Any hints

Chances are the file isn’t how you left it. A lot of people don’t understand the difference between > and >> so have a tendency to overwrite the existing files here.

Well, I didn’t realized I was putting the wrong key actually and I feel dumb about it.
Anyhow, I managed to get the flag but my question is, was this machine only to get root or is there user also?

@AgentWhite said:

Well, I didn’t realized I was putting the wrong key actually and I feel dumb about it.
Anyhow, I managed to get the flag but my question is, was this machine only to get root or is there user also?

All HTB boxes have both flags, this one is no exception.

The user account you need to be in to get root has access to the user.txt flag.

when trying to SSH to 10.10.10.181 I am getting a password prompt. I didn’t configure any password while regenerating the ssh keys . Does anyone getting the same message , for a password prompt ?

Got root, Nice machine :slight_smile:
If you a nudge, feel free to PM me.

@Thanos17 said:

when trying to SSH to 10.10.10.181 I am getting a password prompt. I didn’t configure any password while regenerating the ssh keys . Does anyone getting the same message , for a password prompt ?

If it is a password prompt from the server, your keys have been overwritten by someone else or haven’t been installed correctly.

If its a password to unlock the key, then either you messed up and did set a password or something really weird is going on.

If you are using key based authentication (and I assume you’ve used -i correctly), the only password requests come from your machine, not the server.

Finally user and root. The biggest problem with this machine is the noise caused by other testers :(. I spent like an hour trying to exploit a /shell.php thinking that this was the backdoor…

Rooted, nice and easy. Didn’t get a shell - no need. Always open to help, as per usual :slight_smile:

Type your comment> @TazWake said:

@Thanos17 said:

when trying to SSH to 10.10.10.181 I am getting a password prompt. I didn’t configure any password while regenerating the ssh keys . Does anyone getting the same message , for a password prompt ?

If it is a password prompt from the server, your keys have been overwritten by someone else or haven’t been installed correctly.

If its a password to unlock the key, then either you messed up and did set a password or something really weird is going on.

If you are using key based authentication (and I assume you’ve used -i correctly), the only password requests come from your machine, not the server.

TazWake thanks I will remove all the existing keys and regenerate !!

PLEASE STOP RESETTING THE F*** MACHINE

PM me for help on this one i enjoyed it, finished doing my re write this morning

Could someone help me on this?

  1. I initially did OSINT and used the forum to Internetzzz the webpage and able to login.
  2. I checked that a programming language should be used which I had no idea but managed to get it from the history.
  3. Now as defined by sudo -l, I tried to swich user and run the command sudo -* s*** /home/sysadmin/luvit *.lua
  4. I performed the above command through the console of the backdoor
    I don’t see anything after that.
    Please help me here to move further

@PChan said:

Please help me here to move further

There are a few ways you can do this. You can either create a script in the language which does things to grant you access or you can get the fck out of the shell.

Type your comment> @TazWake said:

@PChan said:

Please help me here to move further

There are a few ways you can do this. You can either create a script in the language which does things to grant you access or you can get the fck out of the shell.

I stayed and did it. Thank you

Rooted, thanks for this machine. I don’t really understand the moaning about resets, didn’t disturb me at all. Foothold was quite unique, user was rather simple, a lot of useful hints on the forum. Root was a lot of fun, timing is important but I managed to get it on the first try.

Wasted a lot of time on not setting the correct permissions on a specific file. Nice machine learned a lot.

ROOTED!

Type your comment> @squirrelpizza said:

So far I found the 2 ports open after doing an all ports scan. Directory busting got me nothing, I saw the clue on the web server. But I do not see anywhere to upload the web shell. Can someone give me a nudge as how to get to a spot to upload?

Did you get where to upload?