Cache

rooted :)

r0000ted. If anyone needs help AFTER getting a HUGE headache, I might give you a nudge.

Thx @ASHacker. Interesting box. The user part gave me a hard time! Overall, good challenge!

rooted
Interesting machine; good job
user : enumerate and enumerate and enumerate and enumerate and enumerate and exploit …
root : remember what you see when you open the door and privesc :) like a charm
thank you for the box

Congrats to @t0vlix @vicio @gverre @rfg
And please review the machine, that will be helpful for the future

Alright not even 20 minutes in and I already have a pro tip, on the wayback machine if you do what I did and search for the box, do read the title of what comes up ■■■■■ saw more than a rabbit hole O.o

■■■■!!! that’s not a spoiler but a fun fact! +1 for that

Found some creds, but when I use them all I get is an image. Rabbit hole?

I can only find authenticated exploits. Anyone want to give me a nudge? Not sure if I should be able to get admin creds

Nudge about creds would be nice. Fuzzed with multiple wordlists and file extensions but nothing on cache and h** sites.

I am stuck at n**.h**** page. Does it have something to do with the image? Please help…

May I have a nudge, please? I found cred and then got stuck in the n**.h*** with a 4***2.j, not sure if it is a rabbit hole.

@Kaiziron said:

> May I have a nudge, please? I found cred and then got stuck in the n**.h*** with a 4***2.j, not sure if it is a rabbit hole.

I'm stuck here too. I tried to steg the 4*…2.j* file and several .j** files, but I cannot get anything :(

@rfg said:

> rooted
> Interesting machine; good job
> user : enumerate and enumerate and enumerate and enumerate and enumerate and exploit …
> root : remember what you see when you open the door and privesc :) like a charm
> thank you for the box

Even though I rooted the box, I don't know what you mean by this and how this is related to the machine.

Don’t go to the wayback machine and search for http://cache.htb
It will not end well for your eyes (or maybe it will, I dunno what stuff you're into).

Someone is also destroying the whole functionality. Please be more gentle, it requires brain not brawl. I have to reset again due to this mess.

HINT: For the initial foothold you don’t need OSINT but that author is telling you something interesting.

ANOTHER HINT: If you found the vulnerability do not change the globals file, it breaks our experience. Modify the POC you found on the internetz accordingly.

Since I have the feeling that many people struggle with the initial foothold, here is my tip: Don’t rely on the usual enumeration tools (this time they won’t really help). Enumerate manually, read carefully the information you can find on the website and try to find more information about the author.

Rooted. If you need a nudge, DM me.

very fine machine

root@cache:~# ifconfig ens160 | fgrep 10. | awk '{print $2}' && whoami
10.10.10.188
root

calipendula
for nudges ONLY on discord calipendula#1089

Spoiler Removed

Box complete. Nice box but I got root before user so I guess it was not the intended way.