Admirer


Comments

  • [email protected]:~# whoami && id && hostname -a
    whoami && id && hostname -a
    root
    uid=0(root) gid=0(root) groups=0(root)
    Got root and understood how exploit r****my*********.** works.
    Thanks to @bertalting and @knuijsting for not letting me drown in the sea of rabbit holes.

    Hack The Box

  • Hey, still stuck on that machine...

    I found the uti****-S***** and then the ad**-**k* but I'm thinking this may be a rabbit hole. Can someone confirm?

    And what am I supposed to find by fuzzing? I've been fuzzing for like a week with no result :(
  • edited May 2020

    Hello, I have trouble with lol.xml. When I load that file, it says: "Error in query (7890): Can't find file 'app/etc/lol.xml'. "

  • Guys, I tried dirbuster with the wordlists big.txt and common.txt on / and /a****-**r, but all files enumerated have response code 403. Can someone nudge me with a hint?

  • Getting to user seemed ok but I got stuck now with root. I think I followed too many rabbit holes and ended up now with what I think is the right place to follow up on, but I can't figure out how to go about it. I'm looking into a****_t****.** and b*****.**. Maybe someone could help me out here. thx

    zaphoxx

  • Got root , thanks to @killerhold for the help to see the light.

    For those who are stuck on root and know what this is about, as happened to me: think that all users have their own "particularities".

  • Rooted! Foothold was a tangled web, but ultimately gave me a few more wordlists to add to my checklist. @beorn was helpful here. What is missing but should be present is just as important as what you find.
    User was me being an idiot. @Solarstorm gave me a helpful hint which I will condense to this: Think about WHEN what you found before was generated.
    And root was fun. Much easier for me with snake-training experience. Walk along the way carefully.

    ph03nix0x90

  • Rooted, I've learnt a lot about enumerating and to pay attention to details.
    PM me for nudges.

  • I don't get the hate, user was pretty dope!

  • Pretty neat box indeed. I also don't get the hate. Along the way you may get frustrated but cooling off, trying smarter, googling, testing before shooting etc will get you through it.
    There's also no need to leave trails and spoilers on this box, if you save and name your files some type of way they'll be deleted anyway in a few mins.
    I got rev shell for root on first attempt so I don't know how people have an issue with that.
    Everything you need is already available.
    Enjoy the box!

  • That was a fun box. Took a little thinking early on but once I got past the initial enumeration the rest was fun and straight forward.

    Happy to nudge so you learn, but no spoilers given.

    corpnobbs
    OSCP | OSWP | so much more to learn ...

  • Just nabbed user...jeez...was it "easy" sure after you put the pieces of the puzzle together. Each step closer kind of glues another piece in. But man without a couple of hints, I would have been more lost. However I must say, that it does get you thinking a bit more on basic enumeration. Don't be afraid to try another tool if your favorites aren't working. I admit I get stuck on dirbuster, dirb, and completely forgot about wfuzz which got me what I needed. If I wasn't so set in my ways, I may have had a much easier time. Thanks to the creators of the box @polarbearer and @GibParadox for "slapping my wrists" a bit to break out of the same old, same old. Is it frustrating? Sure...but maybe I'll remember wfuzz next time I can't find what I'm looking for with my goto tools....

  • Everyone is saying that root is cake. I see some files I can sudo, but no idea what to do with them... can someone PM me with a nudge? I feel like this should be obvious but I'm just missing it.

  • edited May 2020

    So I have root.txt via the privesc but can't seem to get the reverse shell to work? Anybody else with the same issue that it's just not responding?

    But the box was really fun and made me look into my enumeration techniques in the beginning ;) learned a lot!

  • At the edge of giving up. Got the login-page, tons of creds and dumps, but can't log in. I even tried to forward myself to the db. Can anyone DM me with some hints, pls?

  • I'm a bit new and I can't figure out the priv esc to user. Can someone PM me with a nudge or a hint? (The roots/users on my account are from my friend helping me, but I didn't learn anything.)

  • Thanks to the creators for the box :smile:
    Educated guessing might help getting what you want, but Fuzzing will also do the trick. Try common wordlists with common extensions

    Watskip

    < Soli Deo Gloria >

  • This was the longest I ever took to get the user flag for a 20 point box. After all the dirbusting, getting the vulnerability to work correctly also required a fair amount of configuring and googling.

    The root method is similar to that in a recent box, but with a twist - here it is related to a certain serpentine security gotcha.

  • Just root it. It's totally not an easy box for me :blush:

    jkana101
    OSCP | Sec+ | MCSE | VCP | CCNA

  • edited May 2020

    Would appreciate a little nudge, got the r*****.t file, the user, the a****-r, and after a truckload of fuzzing I'm still nowhere after a good few hours of busting

    Edit: found the next step.

  • Finally rooted this machine! Took me a little longer than usual, but it was quite worth it. I've learnt a few things I'll probably never forget.
    Special thanks to @polarbearer and @GibParadox for this cool machine.


  • edited May 2020

    Awesome machine, thanks to @polarbearer and @GibParadox for such an awesome challenge. Really don't know why a lot of people say that this one is a CTF machine; scenarios like this one happen in the real world. I think that the only problem is that the machine is not an "easy" one (or at least not for me), mainly because of the amount of enumeration needed to get the initial foothold.

    My hints:

    User

    • Use that word without abbreviating it
    • Try to access that
    • It's not about him, it's about you

    Root

    • Read about the powerup and the cobra features

    Hope I am not spoiling the machine; if so, remove the post.

  • Really nice and fun box, learned a lot of new stuff!
    PM me if you need a nudge.

  • Can someone PM me with a nudge?
    I am stuck with the login page.
    I grabbed every file I found and tried every password but I always get "Access denied".

  • @SohaibSEG said:
    Can someone PM me with a nudge?
    I am stuck with the login page.
    I grabbed every file I found and tried every password but I always get "Access denied".

    Thanks everybody, I got user.
    Moving towards root.

  • That's the hardest "easy machine" after Forest!!! Struggling on root...
    I think it involves "W" command, but I'm not completely sure.

  • Anyone willing to give a nudge for the login page? Attempted bruteforcing using fuzzed info, attempting the vulnerability but getting "Connection refused" :(

  • Hi, I have found the h..*z file but am struggling where to go from here. Can someone give me a nudge please.

  • edited May 2020

    @WireInTheGhost said:

    Hi, I have found the h..*z file but am struggling where to go from here. Can someone give me a nudge please.

    Analyze what you have seen and start fuzzing again, as this box mostly demands enumeration skill.

  • @g1g4 said:
    Anyone willing to give a nudge for the login page? Attempted bruteforcing using fuzzed info, attempting the vulnerability but getting "Connection refused" :(

    Configure the environment properly.
