ServMon

1202123252630

Comments

  • Type your comment> @VbScrub said:

    @n3wb1en3w9999 said:
    I have the password from the NS*******.ini but it does not seem to work on the portal ?

    It does, but only from a certain place. Check the other settings in that ini file

    Would this require some form of port forwarding ?

    n3wb1e

  • edited May 2020

    .

    n3wb1e

  • Type your comment> @n3wb1en3w9999 said:

    Type your comment> @VbScrub said:

    @n3wb1en3w9999 said:
    I have the password from the NS*******.ini but it does not seem to work on the portal ?

    It does, but only from a certain place. Check the other settings in that ini file

    Would this require some form of port forwarding ?

    Port forwarding though does not seem to be working. Is this the correct approach to login to N*********++ ?

    n3wb1e

  • rooted. I agree with @VbScrub : the API call part is not well explained... at least the part needed to do the job...

    |GPEN|CEH|eJPT|CySA|

  • @sparkla said:
    So does it work via a REST call / CLI? Or is the WebUI necessary for the final step? Please PM me, I'd like to know!

    Does not need the Web UI. Can just be done with curl like the examples on the API documentation site show

  • Finally got root...this was fun, but man figuring out how to do this via the API was a bit counter-intuitive for me. Spent way too much time digging in the wrong spot there...jeez...

  • Can anyone give hints for the API bit pls ? Had a look at the documentation most curl requests seem to get rejected. Can't get my reverse shell working with Sc****** and Sc***s as per the cve

    n3wb1e

  • I escalated the administrator privileges got the root.txt in desktop also but its not working. I changed the sever multiple times and the root hashes also changes still htb does not accept root hashes. Please help!!

  • Type your comment> @opoudel27 said:

    I escalated the administrator privileges got the root.txt in desktop also but its not working. I changed the sever multiple times and the root hashes also changes still htb does not accept root hashes. Please help!!

    when making api calls I get "ssl error syscall" on call through tunnel. Is this expected ?

    n3wb1e

  • @opoudel27 said:
    I escalated the administrator privileges got the root.txt in desktop also but its not working. I changed the sever multiple times and the root hashes also changes still htb does not accept root hashes. Please help!!

    Raise a support ticket with HTB here: https://www.hackthebox.eu/home/support

  • Type your comment> @VbScrub said:

    t> @ChuChuJelly said:

    Is there a way to add a schedule without accessing GUI at all (I've never been able to load the login page as mentioned by a lot of people so trying the API route)? Or am I barking up the wrong tree here? Any hint would be appreciated :)

    This is where I'm stuck too :/ I've got my script added to the server via API, and can execute it using the "test" command, but it seems to run as the current user rather than as the service account. So I'm assuming the only way to get it to do that is with the scheduler, but there doesn't seem to be an API for that. Also looked at using the check_n***.exe to trigger it but can't get that to connect even locally, and the config file suggests it is disabled anyway.

    EDIT: I ended up just using the web front end to add the schedule and that worked fine. Feel sorry for people on the free servers though as even on the VIP server it was pretty sluggish, as plenty of people have said. But yeah, got root :)

    interesting. I have had my bat file in the schedule for ages and still not getting a shell

    n3wb1e

  • Type your comment

    GreysMatter

  • Would anybody be so kind and give me a nudge on how I can execute a script through the API? I've been trying forever with the web interface without any luck and have played around with different API calls, also without any luck. Been looking through the manual for over an hour now as well. Thank you!

  • Is the nsclient supposed to come back up after you restart it? Or are you supposed to not restart it?

    Hack The Box

  • Type your comment> @purplenavi said:

    Is the nsclient supposed to come back up after you restart it? Or are you supposed to not restart it?

    Don't restart it. Apparently that breaks it and the machine has to be reset

  • Type your comment> @nyckelharpa said:

    Would anybody be so kind and give me a nudge on how I can execute a script through the API? I've been trying forever with the web interface without any luck and have played around with different API calls, also without any luck. Been looking through the manual for over an hour now as well. Thank you!

    I am struggling with the same. Doesnt help that the web server is a piece of junk and people reset or ddos the box every 5 mins... -_-

    n3wb1e

  • edited May 2020

    Type your comment> @VbScrub said:

    Type your comment> @purplenavi said:

    Is the nsclient supposed to come back up after you restart it? Or are you supposed to not restart it?

    Don't restart it. Apparently that breaks it and the machine has to be reset

    Thanks! Found another way, pretty easy but fun box :blush:

    PM if you need a hint!

    Hack The Box

  • Type your comment> @purplenavi said:

    Type your comment> @VbScrub said:

    Type your comment> @purplenavi said:

    Is the nsclient supposed to come back up after you restart it? Or are you supposed to not restart it?

    Don't restart it. Apparently that breaks it and the machine has to be reset

    Thanks! Found another way, pretty easy but fun box :blush:

    PM if you need a hint!

    I cannot PM but would appreciate a hint been stuck for 4 hours on the api bit

    n3wb1e

  • Type your comment> @n3wb1en3w9999 said:

    Type your comment> @purplenavi said:

    Type your comment> @VbScrub said:

    Type your comment> @purplenavi said:

    Is the nsclient supposed to come back up after you restart it? Or are you supposed to not restart it?

    Don't restart it. Apparently that breaks it and the machine has to be reset

    Thanks! Found another way, pretty easy but fun box :blush:

    PM if you need a hint!

    I cannot PM but would appreciate a hint been stuck for 4 hours on the api bit

    If you've correctly uploaded your script, you should find it in somewhere else than settings in the web UI

    Hack The Box

  • edited May 2020

    Type your comment> @VbScrub said:

    Type your comment> @purplenavi said:

    Is the nsclient supposed to come back up after you restart it? Or are you supposed to not restart it?

    Don't restart it. Apparently that breaks it and the machine has to be reset

    I got root by restarting it - the app, not the website or the whole box. But it didn't always work. Sometimes it did crash the service as you said, sometimes it reset in less than a second. This app is very unstable.

  • User ez.. priv esc GUI is useless.

  • edited May 2020

    Why is n* deleted everytime I upload it a certain folder? I can't execute script with nsclient service if n* is not present on machine. I am literally an inch away from root using A**. Tried with ssh but can't execute commands on remote system when mixing ssh with n* listener. Alternatives like t***** are also not present. Will try more alternative shells as a strategy but it would really be nice if n* wasn't deleted immediately after upload. Can someone pm me with n* alternatives that will work on this box? Thanks ahead of time. Almost there....Grrrr.... : )

  • edited May 2020

    There is a cleanup script that runs often, but you should definitely have time to transfer tools and payloads and execute before it runs

  • how to reload?

  • Type your comment> @sh0wa said:

    Hey, I could need some help with the AI way to privesc, since the webui is buggy as hell..even with the blue icon browser. Currently I am able to load things but don't know how to add those "custom" scripts and how to deal with the S*******r via the AI

    Just like sh0wa i got stuck on the api. I've read some documentation about the API and the exploit. I have to add my external script to the n*****.**i. But I've no clue how to do this. I never used an API before. Can someone give me a nudge?

  • Rooted! User was for me as a beginner not that hard to get but root cracked my brain for a while yesterday. The API documentation you can find online should give you a clue to be able to use a certain exploit that also can be found via Google. I never used API's before so it was a deep dive for me. Had fun and learned a lot!

    My personal hint for root: you don't need to reinvent the wheel if you already have a wheel to use. :)

    If you need some more help feel free to PM.

  • Type your comment> @purplenavi said:

    Type your comment> @n3wb1en3w9999 said:

    Type your comment> @purplenavi said:

    Type your comment> @VbScrub said:

    Type your comment> @purplenavi said:

    Is the nsclient supposed to come back up after you restart it? Or are you supposed to not restart it?

    Don't restart it. Apparently that breaks it and the machine has to be reset

    Thanks! Found another way, pretty easy but fun box :blush:

    PM if you need a hint!

    I cannot PM but would appreciate a hint been stuck for 4 hours on the api bit

    If you've correctly uploaded your script, you should find it in somewhere else than settings in the web UI

    Cant seem to access it through Qu**** or Co***** features on GUI

    n3wb1e

  • Finally rooted. A truly awful machine.

    User: enum enum enum. Straightfoward, if you have issues its likely syntax.

    Root: api is pretty useless but pick through what is described. Use GUI too

    n3wb1e

  • Hi Guys

    Anybody willing to give me a hint.....I have user but I have no idea what to do regarding the ++ application to get to root.......the tips talk about UI etc and all I can find in the ini file is the password....what am I supposed to do?

  • Type your comment> @WarrenVos said:

    Hi Guys

    Anybody willing to give me a hint.....I have user but I have no idea what to do regarding the ++ application to get to root.......the tips talk about UI etc and all I can find in the ini file is the password....what am I supposed to do?

    Maybe try accessing the application from the browser using the password from the ini-file? And if you're still unable to log in, check the ini-file for hints on from where you can log in. Maybe check out chisel?

    Hack The Box

Sign In to comment.