Admirer

@bondisurfer69 said:

This box is not easy. I would rate it as a relatively hard medium.

Regarding the enumeration step where you need to be using a specific wordlist, I assume someone has put out a pull request for seclists by now right? (half joking, half serious)

Happy to give hints to anyone who’s stuck, PM me

Not sure what part of the enum you have in mind, but I only had to use one specific list that is already present in SecLists. Those words that aren’t in a list are generously given to you by the server :wink:

@Tempuslancien said:

Hello guys,

I’m looking for the path to root… I’m a bit lost with the stories of cobra features, power up, snakelife, king options… I found nothing on google.
Can someone PM me a link or be more explicit? :slight_smile:

Thank you!

Same here :neutral:

I can now answer you, thanks to EvilTor :)!
Play with pton p*th hijacking :wink:

Found the login page and stuck. Can someone PM me some nudges?

I tried many wordlists + extensions. It almost feels like bruteforcing, which is not necessary on HTB. Can someone nudge me towards the right extension and list?

I’ve managed to utilise the login page, and can successfully read files that I’m already aware of (ie - the first set files you come across via the r------.txt info, and the index.php) so I’m confident my “set up” is working, but when I try to read something more juicy, I get:

open_basedir restriction in effect.

the google results I’ve found suggest changing server configs, which, at this point I’m most certainly unable to do. Nudges/hints would be gratefully received!

Rooted the box !

Amazing and very detailed box. In the end it is not very difficult, but you need to know each word you read. For this difficulty maybe not so easy.

Thanks !

@paddanada said:

I’ve managed to utilise the login page, and can successfully read files that I’m already aware of (ie - the first set files you come across via the r------.txt info, and the index.php) so I’m confident my “set up” is working, but when I try to read something more juicy, I get:

open_basedir restriction in effect.

the google results I’ve found suggest changing server configs, which, at this point I’m most certainly unable to do. Nudges/hints would be gratefully received!

The Google results and your assumption are correct.
Maybe review what you already got and try to use it for something else :wink:

My thanks to @Aniruddh9 for a little nudge and I finally achieved user:
Amazing box, I will not forget that

User:
My suggestion is to enumerate a lot, think simple and fuzz simple (even manually),
there are some rabbit holes but can be avoided doing a correct fuzzing.
And read, read carefully.
For last step: Google Fu and go for it

Feel free to PM me for help or little nudges!

Rooted… ■■■■ this box was brutal! I learned A LOT from this box, thanks for the box!

Feel free to PM if you are stuck.

Rooted.

This machine has been more difficult for me than I expected although I have learned, good job to the creator. Many thanks to EvilT0r13 and Karthik0x00 for the tips.

Feel free to pm for any tips.

Hey guys! I’m currently stuck and cannot seem to find a solution to this… I’ve managed to get past the login page but whenever I’m trying to read something from there I get this: Error in query (200): open_basedir restriction in effect. Unable to open file . The path of the file should be correct (if you input an incorrect path it tells you that it couldn’t be found). Any hints as to what is wrong?

I just root’d this one.

Lots of subtle enumeration needed for this box and it’s very CTF’ish, IMO. I’m not sure what was already said here, but I found what I needed for user on the internet (service being used/exploits). Root was a head scratcher for me since I was looking at the wrong spot for forever. For root don’t look at the obvious file that you have privileges to use. Look at what the file is using… then when you find that look inside that file longer. :frowning:

I frikin hated this box.

@paddanada said:

I’ve managed to utilise the login page, and can successfully read files that I’m already aware of (ie - the first set files you come across via the r------.txt info, and the index.php) so I’m confident my “set up” is working, but when I try to read something more juicy, I get:

open_basedir restriction in effect.

the google results I’ve found suggest changing server configs, which, at this point I’m most certainly unable to do. Nudges/hints would be gratefully received!

Same here~ any hint to get the correct file pls

Rooted this box yesterday. From my perspective, this was not an easy box.

Enumeration is very important for this box, every time when you find new information, take a step back, and review all your gathered information, maybe you can put some pieces together.

I’ve received some questions about this error message:

MySQL server has gone away

In case you run into this problem (just like me), use Wireshark to intercept your traffic on tun0. Reproduce the error message and analyze the trace; you will find a pretty clear error message and can use Google to fix it.

If you’re logged in on the login page and you’re doing your thing, you can receive this error message (also just like me):

open_basedir restriction in effect.

This means that you do not have the proper permissions to open this file. Don’t worry, the file you are looking for is there and you can find it and have permission to find the file you need. This step is logical thinking. Ask yourself the question: If I would build a web server with Apache, what files would be in the root directory?

I hope I can help you with this comment, as you’ve often helped me when necessary.

If you’re stuck or need a nudge, find me on discord: T13nn3s#1957

@0ddM0d3 said:

Hello.
It seems I need help.
I’ve found the login page of A*** tool, but the creds I have don’t work, login without a password doesn’t allow me to enter, and the exploit I’ve found with Google asks for some credentials. Hint me, please, which vulnerability I should use. Or maybe I am going the wrong way?

Same here, and I need help.

I found the login page but couldn’t find the login page credentials.
There is a syntax error with ms** password in i***.pp but I don’t understand what to do. Someone mentioned something about Interstellar OST dust.
I listened to it but I couldn’t find anything. I also read the Interstellar film story, but there is nothing there.
I have been struggling for 6 days. I searched Google for ar vulnerabilities and found some exploits, but they need ar credentials. I tried with the c*********.t** file; none of them work.

Any tips would be appreciated

Thanks
Regards,

I logged in and I don’t know what to do.
Help me.

Hello, I am a newbie (3rd box only)…
I am stuck after having got the whole bunch of credentials on the lowest port. I don’t know where to go with these p*p files and can’t find the login page either… Thanks for any nudge, I have been on it for a lot of hours for an easy box :slight_smile:

@AMRANE said:

Hello, I am a newbie (3rd box only)…
Dude, this is my first box.
