OpenAdmin

15859606163

Comments

  • edited April 29
    Hi, Ive rooted the box earlier but not the john-route. Today I went back and want to manage to get in that way, but johns answer seems to be incorrect? DM me if you have any nudge/comment on that?

    Edit: I manage to solve this one with some help from a member on the forum :) Error located between screen and chair.
  • edited April 28

    I reached the final step of the 2nd users and found the super privileged command, but didn't know how to use it to get the root.txt flag
    any hints?

  • @n0Idea said:

    I reached the final step of the 2nd users and found the super privileged command, but didn't know how to use it to get the root.txt flag
    any hints?

    Read back through the past few pages - this has been asked a lot, or use the search feature to find relevant posts.

    Its hard to add anything to what has been said before without a massive spoiler.

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • @gnothiseauton said:

    I read a lot of "John" here, but uncle john isn't needed.
    Many ways to skin a cat, but using John here is like trying to explode the door of a safe, when the window right next to it is open...

    @kbotnen said:

    Hi, Ive rooted the box earlier but not the john-route. Today I went back and want to manage to get in that way, but johns answer seems to be incorrect? DM me if you have any nudge/comment on that?

    I'd be fascinated to know you bypassed the need for John (or some equivalent tool) on this box.

    Happy to discuss in private if that is easier.

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • Type your comment> @TazWake said:

    @n0Idea said:

    I reached the final step of the 2nd users and found the super privileged command, but didn't know how to use it to get the root.txt flag
    any hints?

    Read back through the past few pages - this has been asked a lot, or use the search feature to find relevant posts.

    Its hard to add anything to what has been said before without a massive spoiler.

    I know the sudo command to run, but when i run it it just opens the file on nano
    tried writing bash script inside of it, but didn't know how to execute it

  • @n0Idea said:


    tried writing bash script inside of it, but didn't know how to execute it

    Go back and read the tips. Running the command correctly is the first part.

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • Type your comment> @TazWake said:

    @n0Idea said:


    tried writing bash script inside of it, but didn't know how to execute it

    Go back and read the tips. Running the command correctly is the first part.

    I did, i will dm you

  • Rooted
    Thanks to @TazWake
    Hint for root: Did u ever hear of GTFObins?

  • edited April 28

    I'd be fascinated to know you bypassed the need for John (or some equivalent tool) on this box.

    Happy to discuss in private if that is easier.

    Probably the best hint I can give: given anyone who uses john, should know why they actually do that step, just know you can do that same thing you are trying to achieve without ever needing john.... but even that seems almost like a redundant explanation: cause the reason anyone would grab for john, 'is' because they already know about this principle in the first place. It then may take some time to read up on the 'how', but still...

    Point is: forget john, open a manual before you open john and you should pretty much find what you are looking for on the first page.
    Then again, to place this in a perspective of reality: although it's simple in the end, I'm new to this and it took me about 2 days to turn this machine inside out. So no harm if you spend some time figuring it all out: it's worth it.

  • @gnothiseauton said:

    Point is: forget john, open a manual before you open john and you should pretty much find what you are looking for on the first page.

    I think I need to PM you about this because there is something I simply dont get here.

    The thing you need to use John for is a fundamental control to prevent misuse of the thing itself. If you can trivially bypass it then either there is something I've completely misunderstood (often the case) or a few assumptions over the years have been badly made.

    If the thing can be used without unlocking it, the lock is pointless and that should be true everywhere.

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • Im pretty stuck right now. I got first user no problem. Found the interesting files, managed to curl them and got the stuff for John. Converted it to something John can read but he still never cracks it for me. Any nudges would be appreciated
  • @hrevans said:

    Im pretty stuck right now. I got first user no problem. Found the interesting files, managed to curl them and got the stuff for John. Converted it to something John can read but he still never cracks it for me. Any nudges would be appreciated

    Check the following:

    1) the file is in the correct format
    2) you are using the right options for john
    3) john hasn't cracked it but decided to hide it from you (--show).

    Alternatively try the Magnum Ripper version - its a bit more stable.

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • Finally rooted my first box very enjoyable.Perfect for begginer like me.PM if you need a nudge. :-)

  • Type your comment> @kbotnen said:

    Type your comment> @H0ru5 said:

    Can anyone give me a little help? I discovered my weakness is enumeration because I'm stuck with www data

    To get around in a Linux system you need a username and some sort of credentials. See if you can find potential usernames.

    If you have found anything remotely interesting, have you tried to utilize it in some way? See if you can find credentials.

    You only need ‘cat’ and ‘ls’ command at this stage. Until you find some username and credentials, then you need an additional tool to test your findings.

    Do you use any scripts to help with your enumeration ?

  • Rooted :blush:

    Thanks for the original author of the hint "you're not looking at two separate commands, they're one command"!

  • Type your comment> @TazWake said:
    > @hrevans said:
    >
    > (Quote)
    > Check the following:
    >
    > 1) the file is in the correct format
    > 2) you are using the right options for john
    > 3) john hasn't cracked it but decided to hide it from you (--show).
    >
    > Alternatively try the Magnum Ripper version - its a bit more stable.

    I'm 99% sure it's in the correct format, I run the file that I curl for through ssh2**** and then feed that john. When I run john I specify the most common word list and the format. When I run --show i get "0 password hashes cracked, 1 left"
  • @hrevans said:

    I'm 99% sure it's in the correct format, I run the file that I curl for through ssh2**** and then feed that john. When I run john I specify the most common word list and the format. When I run --show i get "0 password hashes cracked, 1 left"

    Ok - then use the alternative option.

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • edited April 30

    @hrevans i had the same issue, i just added some thing like /h**e/ at the beginning of the file provided by ssh2**** and it works like a charm. btw it's my firs user :smile:
    i hope this helpful

  • edited April 30

    Type your comment> @TazWake said:

    @gnothiseauton said:

    I read a lot of "John" here, but uncle john isn't needed.
    Many ways to skin a cat, but using John here is like trying to explode the door of a safe, when the window right next to it is open...

    @kbotnen said:

    Hi, Ive rooted the box earlier but not the john-route. Today I went back and want to manage to get in that way, but johns answer seems to be incorrect? DM me if you have any nudge/comment on that?

    I'd be fascinated to know you bypassed the need for John (or some equivalent tool) on this box.

    Happy to discuss in private if that is easier.

    It is technically possible to do this without the need for john, but the chance to break the server for everyone in the process is pretty good.

  • It is technically possible to do this without the need for john, but the chance to break the server for everyone in the process is pretty good.

    Not sure what you have in mind, but what I talk about is completely safe and much easier than using john: it takes about zero effort and resources to do it.

  • It is technically possible to do this without the need for john, but the chance to break the server for everyone in the process is pretty good.

    You alter the box, which is bad, I agree. It might confuse other users, and provide unneccessary rabbitholes. So you better clean up after yourself fast, and probably do it in the vip-tier where you have the box for yourself.

    BUT you dont break anything for other users if you know what you are doing :). add instead of replace.

  • [Apr 28 06:58] MalwareMonkey owned system on OpenAdmin [Tweet]

    Pretty fun box. A lot of CTF aspects. Root was incredibly easy. Feel free to DM for hints.

  • edited May 1

    SSH is beating me down. The passphrase isn't working, but no other errors are presenting. Pretty sure I have the correct password. Any gentle pushes?

    EDIT: Honestly, just asking for help makes you smarter... I got it!!!

  • Nice and easy box to start on again after being away for more than a year.

  • You alter the box, which is bad, I agree. It might confuse other users, and provide unneccessary rabbitholes. So you better clean up after yourself fast, and probably do it in the vip-tier where you have the box for yourself.

    BUT you dont break anything for other users if you know what you are doing :). add instead of replace.

    The path I talk about adds and breaks nothing and allows for cleanup just as well, leaving all in tact that is, creating no other holes.

  • The "good" news is that this box retires on Saturday so people can be a bit less vague.

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • I can't seem to get the root flag using the nano given in joanna, anyone know why

    Hack The Box

  • ignore that I made a dumb mistake

    Hack The Box

  • I am new to all this and this box is an amazing eye-opener. I learned a lot, especially enumeration and linux privilege escalation. many thanks to all the hints provided here. and a big thanks to @kbotnen . for your patience and very good hints. and of course, the user who created this box. can't find the username (sorry about that)

    i guess there is never such thing as "too much enumeration". really enjoyed this box.

  • Rooted!
    Thanks @TazWake & @thescriptkiddy
    I feel so embarassed. Had it from the beggining, just got a little confused with the terminals lol

Sign In to comment.