NIbbles

I need help with the privilege escalation and I use LinEnum.sh I already have a lot of information and for more than I try to get the information to create a user to do whatever it is I get the following error "sudo: unable to resolve host Nibbles: Connection timed out " and no I move forward and try many ways of privilege escalation
something has escaped me

Do not ask to restart everything if you can not enter because of an error or because they are on the blacklist wait 5 minutes verify you config, just ask to restart if they left information that could compromise the machine … both restarting sometimes makes you lose track of what you are doing

resolve

i root

Hi - Slightly stuck. Could someone spare 5 mnutes and throw me a PM. Looking for a nudge, not the answer.

Thanks

i solved.

I have user. and know the somefile.sh have permission to execute.
I use “sudo -u root /home/somedir…/somefile.sh”

I can’t get access to root. pls. help to get right way.

Thanks.

Anyone fancy giving me a hand? I think i’m really close! I have a meterpreter session now, just unsure if what i’m doing next is right or not

EDIT: I got user - onto root now!

First Ever hackhebox for me…

I am as far as the login page, I have browsed the file directory, used dirb, tried all defaults I know under the sun. NO IDEA what to look at next. Someone please help!

guys…
think simple…
until yesterday i do same mistake…

I’m stuck trying to get my exploit to work. I’m using the obvious exploit, and have the username and password. Getting the typical issues with image.php. Have reset the box multiple times and tried several payloads.

Got it. I was pointing at too much of the URI… take a look at the source code if you are having issues. It appends something to the URI you provide.

got the web username, now to guess the password. Is it really that obvious or am I missing something…

Got root - I just wonder if it was the intended method :slight_smile:

i have user.txt now onto root. Tough one though, not sure if I need to ssh to the box or use the meterpeter shell?

I got user.txt. Trying to find creds to ssh as the user instead of the meterpreter shell. Is that necessary?

I got user.txt stuck with escape tty, and how to run monitor.sh

@wanz327789 said:
I got user.txt stuck with escape tty, and how to run monitor.sh

How would you run something as root on any other system?

new to this and this is the first box iv’e tried. Got user pretty easy but stuck on what i feel is the very last step in privesc…

got the user in a full shell
I’m running the .sh file but cant figure out how to ‘step in’ as its executing to grab the root user. i tried passing it to bash “./XXXXXXX.sh bash” bit i get “TERM environment variable not set.”. though maybe write a new file to replace the existing one with a exploit but dont have write permissions in vi. though maybe i can pass the executing script to another shell but i have no idea how…

really ran out of ideas now so any help is massively appreciated! loving it so far though!

I’m in the same boat now, I have user and a reasonable shell. I just get kicked off every 3-4 mins by people restarting and I’m not sure yet how to get root.