I Thank you all for your time on the machine… @AwkwardUnicorn @limelight @itachi982 @sk4 @fr0ster @jiggle @D8ll0 @DaWoschbar @skunk @41fr3d0 @Dark0 @SneakyHedgehog @3l33t @Termopan @hg8 @beorn
I hope you have used intended way to exploit root because that is fun?? (mount method is also great and valid but really easy)
And please give your precious review of machine on HTB site.
found the portal, bypass-ed the authentication… trying injection to extract vital info which can bring me further… anyone can provide nudges??
zard
May 12, 2020, 6:28am
195
Type your comment> @lancelai said:
found the portal, bypass-ed the authentication… trying injection to extract vital info which can bring me further… anyone can provide nudges??
DM
schizo
May 12, 2020, 6:29am
196
uid=0(root) gid=0(root) groups=0(root)
Rooted Finally!!!
PM me for help …
madm4n
May 12, 2020, 7:20am
198
how can i get user1 and user2? please
Type your comment> @madm4n said:
i got 3w-data , and stuck. can not find anything useful
switch user, you have already found the creds earlier on which is useful now, but not useful in user flag.
MariaB
May 12, 2020, 7:46am
200
ROOTED
lol what a journey
i spent more time fighting resets . Like i had to repeat over and over again because the box was getting reset evry 5 mins
For the shell like one of the members mentioned there is a way not so intrusive like the RCE .So i didnt use it .
Root was nice ,a well know technique a little google will give you what you need .
@ASHacker cool box!
N0p
May 12, 2020, 8:05am
201
I would like to try it too, but the portal is always offline, can anyone stop breaking the site?
MariaB
May 12, 2020, 8:31am
202
@luca76 unfortunately is like that the site is stable for 5 mins .So you have limited time and repeat 1000 times .: (
But apart from that the box is really cool and like always people spoil it a bit
N0p
May 12, 2020, 8:53am
203
yes nothing to say on the box and very funny, I’ll try again this afternoon, now it’s impossible to work on it
need nudges in bypassing h** login page…
Rooted!!! this machine.
Thanks to my teammate @Centip3d3 for the nudges.
So my little advice is “txt is superior to py” For everyone sake please use the non destructive way in rather than ruining everyone’s game. Root was breeze and enjoyable.
Just got root, thanks to @Zard and @Dark0 for the nudge.
I have never knew the blue whale and the cache can do this kind of magic…
Rooted late last night. My favourite past was was the second user. Never used this service before. Overall an excellent box.
Type your comment> @garffff said:
Rooted late last night. My favourite past was was the second user. Never used this service before. Overall an excellent box.
me too… i have never thought this can be exploited… just learned about this moments ago.
rooted, thanks for all who helped me…
user: was not easy for me, as it required to understand the chained vulnerabilities and what to extract…
user2: not that difficult as it related to the box name…
root: quite easy, gtfo, as mentioned by others in this forum…
N0p
May 12, 2020, 2:10pm
211
you have to do something it is not possible so, the riane box up only for a few seconds and then down again
Cool! Foothold was most “annoying” part.
The rest was really easy.
From login to root took less than 1 hour and half.
Honestly I would rate this a green machine!
Little help, if you’re stuck on H** login page, use Google to get info on the running service. DuckDuckGo won’t give what you need.
For nudges PM.