Book

11517192021

Comments

  • I rooted today but my brainfucked.
  • I will not say I loved it, because I hit some rabbit holes. The last part was annoying with a capital A but it worked :-) I gave the builder my respect. Keep it up!

  • @MrAldersonn said:
    I rooted today but my brainfucked.

    Exactly this! I need 2 liters of Icecream to get back to normal.

  • Rooted. Big thanks to @lancelai for the final nudge.

    Happy to provide nudges to others

    marlasthemage

  • Rooted. Wouldn't have happened without the legend that is @TazWake

  • edited April 2020

    I can't open the 80 port from browser. I can ping it, scan it, but can't open the web page. Anybody has same problem?

    PS: I tried other machine, the Firefox works fine. Just not work for this one :-(
    Wireshark told me the GET request has succeed, however there is no response, only many TCP-Keepalive packets, and then nothing happen, browser keep waiting....
    Finally end with 500 Internal Privoxy Error @!!

  • @yzkofk said:

    I can't open the 80 port from browser. I can ping it, scan it, but can't open the web page. Anybody has same problem?

    PS: I tried other machine, the firefox works fine. Just not work for this one :-(

    Port 80 should be responsive.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

    Currently have very limited HTB time but will try to respond as quickly as possible.

  • The box is really awesome in concept.
    And it is 100% crap box on hackthebox history..No matter thousand times you try this box is not going to respond you.The website is harldy up for 5 minutes and again restarts all from begining..
    i can't deal with this crap box anymore..

  • Done! PM if help needed

  • Spoiler Removed

  • Finally rooted after a few hours! Overall concept was amazing! Here are my takeaways that might help.

    User: Your foothold has two faces and in some ways will talk to each other. Once you figure out the link, think of ways you can get one face to disclose info based on what you tell the other.

    Root: Once you enumerate and figure out what you have control over, the exploit is crafty and straight forward - be sure to eat your peas. For some reason, I had to try the exploit a few times after resetting the box, but eventually got my foot in the door.

    Happy to throw bits of hints via dm - this was a great experience!

    passkwall

  • Spoiler Removed

  • *Spoiler Removed*
  • Spoiler Removed

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

    Currently have very limited HTB time but will try to respond as quickly as possible.

  • Team, I have scored user.txt and have a shell as the known user. I have been attempting root on this machine for awhile now and I need help. I have enumerated with the usual l**pea* and psy. I see interesting services but unsure what to do with it. Any help would be amazing

  • edited April 2020

    @W4rF4ther take a look again at the 2nd thing you mentioned. There should be something interesting there. A thing you would throw on a fire. Once you find the thing, Google is your friend. Once you have your files in place, it may take a couple of tries.

    I was never able to get a stable shell, but worked long enough to get the flag.

    limelight

  • Youhou we have done a three combo spoiler removed!
    Unfortunately got no time to see your answer to my question @TazWake and @OffsecGeek01 . Can you MP me your answer to my issue with mail and... you know such type of sqlthings... thank you!

  • Wow, what a nice yet challenging box! user was way harder than root if you didn't know the attack vectors. Thanks to @marlasthemage for the nudges to point me to the right direction! And thanks to @MrR3boot for another "nasty" experience. After all the struggle with user I at least added 2 additional vectors to the arsenal. Read and learn is so true xD
    As always I'm happy to help!

  • Rooted :)

    You can PM me for tips

  • Rooted! Big thanks to all who helped me! :)

    Learned a lot

  • Owned this cute box. The exploit for root is very easy, user was a bit hard. But it is an amazing box. Thanks for the creator as always... ;)

    A Chemist doing Penetration Testing - Check the Story here: BinaryBiceps

  • Hello,
    I know the privesc needs to play with lro****.
    But is it to exploit an apache vul like cf
    ca******* or not at all?

    THanks for your answer

  • mother of pearl that was hard getting user. Learned a ton and onto root!

    Hack The Box

  • Type your comment> @Tempuslancien said:

    Hello,
    I know the privesc needs to play with lro****.
    But is it to exploit an apache vul like cf
    ca******* or not at all?

    THanks for your answer

    You are on the right way with your first statement. As mentioned there is a well documented tutorial to exploit this vulnerability which you can use with almost no changes. Try to understand why you have this files in your user directory and what happens when the vuln program runs.

  • nice box, took me forever to get user, but then root was pretty straight forward after some enumeration and googling.

    Arrexel
    GWAPT,Security+,VCP,A+,Server+,Linux+,Nework+

  • @reini thank you so much!

  • Hi! Some nudge to get into the admin pannel? I know what to do but not how actually do it. I tried many things and nothing works.

  • @TheDante98 said:

    Hi! Some nudge to get into the admin pannel? I know what to do but not how actually do it. I tried many things and nothing works.

    Is this any help?
    https://forum.hackthebox.eu/discussion/comment/66573/#Comment_66573

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

    Currently have very limited HTB time but will try to respond as quickly as possible.

  • Type your comment> @TazWake said:

    @TheDante98 said:

    Hi! Some nudge to get into the admin pannel? I know what to do but not how actually do it. I tried many things and nothing works.

    Is this any help?
    https://forum.hackthebox.eu/discussion/comment/66573/#Comment_66573

    Yeah, I know I have to overwrite it. The thing is I don't know what uncommon technique to use and it is hard to google it. I'm trying everything in Burp. I can PM you with the things I tried and managed to do.

  • Finally rooted after a whole week. Overall super awesome box I learned a TON with this one. Really had to work to make it past each step.

    Hack The Box

Sign In to comment.