Cache

Rooted! Feel free to DM me if you need a hint :slight_smile:

I have found the p*****, and the pdf which describes the vulnerabilities, but I cannot exploit either of them. Any help would be highly appreciated!

Took me a while, but finally rooted. Thanks to @ASHacker for the box creation, and @MrHyde for some helpful hints.

If you need a nudge or hint, pm me!!

i cant find that H************, uff - can someone give a hint? pm
edited: wow i messed up about 3 hours with a typo rofl

Spoiler Removed

YEY for root.

Footholder: Enumerate everything and take notes.
-Get to know the author.
-Make things close to home
-The internet is your friend
First User: Sometimes it is that simple, if you enumerated from the start.
Second user: cached
Root: Please leave.

I was nudged, I would love to return the favor.

Hi,
Awesome box, thanks @ASHacker :slight_smile:
Feel free to PM me if you need help.

Ok, here for the first time I got root before user.
That would be just ok, if only not because I really have no clue on how it could have been achieved differently…
I mean, the path was so straightforward that i hardly can imagine how user could be useful to get to root…
If anyone wants to help me in understanding something more, please pm me, becasue i have the horrible sensation of having missed something that is worth to learn…

@Chobin73 said:

If anyone wants to help me in understanding something more, please pm me, becasue i have the horrible sensation of having missed something that is worth to learn…

I’d be happy to discuss this because I cant see how you’d get to the root without hopping through user.

Type your comment> @TazWake said:

@Chobin73 said:

If anyone wants to help me in understanding something more, please pm me, becasue i have the horrible sensation of having missed something that is worth to learn…

I’d be happy to discuss this because I cant see how you’d get to the root without hopping through user.

i sent you a pm…

@Chobin73 said:

Type your comment> @TazWake said:

@Chobin73 said:

If anyone wants to help me in understanding something more, please pm me, becasue i have the horrible sensation of having missed something that is worth to learn…

I’d be happy to discuss this because I cant see how you’d get to the root without hopping through user.

i sent you a pm…

Nice one - thank you!

Rooted! Happy to answer any questions via a pm

Has anyone exploited the box without sqlmap? I would have a question for manual exploiting.

I really enjoyed this machine. Many many hints exist on here, I don’t think I can add anything at least. Cheers to @ASHacker for a decent box. DM me, should you wish, for nudges or poke me over on Discord.

A very honest tip gained from struggling, if your P*P is disabled/not working and restarting doesn’t help switch to a different server immediately. for the EU free server it was impossible to work on due to instability of machine and people who use exploits without knowledge and consideration about others !!

Just GotRoot! This is one of my favorites boxes. Not sure if I followed the designed path but I got root before I got user, curious to see other peoples wright-ups later on. I did get stuck twice on this box ( initial foothold and root privesc)

Nudges:
Initial foothold: Don’t overthink this or go for the rabbit holes. Make sure to enumerate the page and read everything for clues. Once you know you are in the right place GOOGLE.
User: Once you find yourself with a shell enumerate and investigate anything interesting
Root: Easiest root I’ve ever done. simple privesc script and a quick google is all you need

Congrats to @ASHacker for making an excellent box. If you are still working on it, do not get ahead of yourself w/fuzzing. The rest should fall into place.

Fun and interesting box! I have learnt a few thing!
Congrats @ASHacker !

Took me too long to get the initial foothold. I don’t think I followed the designed path. I got access to one of the accounts (without flag) after initial foothold, and then immediately got root (and thus user 10 seconds later)…

Fun box. Real life enough to be encountered for real somewhere.

Hints:

  • Initial: You don’t need to search for exploit code once you find the interesting part. It’s more interesting to use the big text somebody has written. Just use tools made for the job, to find credentials and get your foothold.
  • With foothold: Enumerate, and think about the name of the box
  • With user access: Your power cannot be contained!

Rooted! Pm on htb for nudges :slight_smile: