Hint for Sunday

Same here, I can see the tool but get permission denied using it it to try to run anything

@IVWKCSEC said:
So I’ve got access to both users on box and the user.txt

Stuck trying to priv escal to root… Can see one tool that an be used via sudo but no way to leverage it ?

PM me

I’m also available to help people stuck on the box

Hack The Box

@meni0n said:
Same here, I can see the tool but get permission denied using it it to try to run anything

i dunno man, i’m pretty sure there’s plenty of things you can pass to it that’ll run

Please stop messing with important files likes /etc/sudoers

Got root. That was interesting. PM me if you need help.

■■■ that was too easy, right in front of my face…

Spoiler Removed - Arrexel

@dshulman said:
Spoiler Removed - Arrexel

Try it and see

Got the root flag finally. PM if you need help

@sk2k said:

@meni0n said:
Same here, I can see the tool but get permission denied using it it to try to run anything

i dunno man, i’m pretty sure there’s plenty of things you can pass to it that’ll run

Subtle hint. Thanks :slight_smile: still getting permission denied. tried everything I can think of, man!

@dneyed said:

@sk2k said:

@meni0n said:
Same here, I can see the tool but get permission denied using it it to try to run anything

i dunno man, i’m pretty sure there’s plenty of things you can pass to it that’ll run

Subtle hint. Thanks :slight_smile: still getting permission denied. tried everything I can think of, man!

Nevermind! got it :slight_smile:

Anyone able to help me with user? I’m connected. Found a file just wanting to know if i’m on the right path :slight_smile: PM if possible

U r right.

@dneyed said:

@dneyed said:

@sk2k said:

@meni0n said:
Same here, I can see the tool but get permission denied using it it to try to run anything

i dunno man, i’m pretty sure there’s plenty of things you can pass to it that’ll run

Subtle hint. Thanks :slight_smile: still getting permission denied. tried everything I can think of, man!

Nevermind! got it :slight_smile:

I wish I could. I cant think of anything and the regular resetting after people alter the assorted system files is frustrating…

Root was pretty easy, but it was like: type 2 letters, wait for a minute, type 2 letters, wait for a minute… :smiley:

I think the host is just bad design. HTB guys should change it or retire it.

lol, i got disappointing with the privesc too, i though it will be much harder than this, anyway i learned to pay attention to every switch in every tool!:stuck_out_tongue: :slight_smile:

Nevermind! got it :slight_smile:

I wish I could. I cant think of anything and the regular resetting after people alter the assorted system files is frustrating…

There should be no need to alter system files. All can be done without.

I have a list of users, a list of potential passwords “guessing/like previous boxes”, and a way in.

Since I cannot manually try all passwords for all users, I used Hydra to do it for me, but no matches :confused:

There’s no clear user, all of them seem system defaults, and the enum says only root has logged in before…

Any hints?

Pretty much my approach…
youtu.be/v_3ks7-OjGc
youtu.be/234u2ZV8HNY
youtu.be/mLm_3K2YImc
youtu.be/HklWMqA9oVA
youtu.be/e3-5YC_oHjE
youtu.be/fhzm-sZNjsg
youtu.be/BxBfQLHykfI

@ZaYoOoD said:
I have a list of users, a list of potential passwords “guessing/like previous boxes”, and a way in.

Since I cannot manually try all passwords for all users, I used Hydra to do it for me, but no matches :confused:

There’s no clear user, all of them seem system defaults, and the enum says only root has logged in before…

Any hints?

Once you have a list of users Hydra and RockYou should be able to help. Have patience however, the box is reset a lot, I had to run Hydra twice to get valid credentials.

Even though I now have valid credentials they sometimes do not work until a reset is performed as the users passwords sometimes seem to be changed or wiped by other peoples actions on the box.