Cache

@Chobin73 said:

If anyone wants to help me in understanding something more, please pm me, becasue i have the horrible sensation of having missed something that is worth to learn…

I’d be happy to discuss this because I cant see how you’d get to the root without hopping through user.

Type your comment> @TazWake said:

@Chobin73 said:

If anyone wants to help me in understanding something more, please pm me, becasue i have the horrible sensation of having missed something that is worth to learn…

I’d be happy to discuss this because I cant see how you’d get to the root without hopping through user.

i sent you a pm…

@Chobin73 said:

Type your comment> @TazWake said:

@Chobin73 said:

If anyone wants to help me in understanding something more, please pm me, becasue i have the horrible sensation of having missed something that is worth to learn…

I’d be happy to discuss this because I cant see how you’d get to the root without hopping through user.

i sent you a pm…

Nice one - thank you!

Rooted! Happy to answer any questions via a pm

Has anyone exploited the box without sqlmap? I would have a question for manual exploiting.

I really enjoyed this machine. Many many hints exist on here, I don’t think I can add anything at least. Cheers to @ASHacker for a decent box. DM me, should you wish, for nudges or poke me over on Discord.

A very honest tip gained from struggling, if your P*P is disabled/not working and restarting doesn’t help switch to a different server immediately. for the EU free server it was impossible to work on due to instability of machine and people who use exploits without knowledge and consideration about others !!

Just GotRoot! This is one of my favorites boxes. Not sure if I followed the designed path but I got root before I got user, curious to see other peoples wright-ups later on. I did get stuck twice on this box ( initial foothold and root privesc)

Nudges:
Initial foothold: Don’t overthink this or go for the rabbit holes. Make sure to enumerate the page and read everything for clues. Once you know you are in the right place GOOGLE.
User: Once you find yourself with a shell enumerate and investigate anything interesting
Root: Easiest root I’ve ever done. simple privesc script and a quick google is all you need

Congrats to @ASHacker for making an excellent box. If you are still working on it, do not get ahead of yourself w/fuzzing. The rest should fall into place.

Fun and interesting box! I have learnt a few thing!
Congrats @ASHacker !

Took me too long to get the initial foothold. I don’t think I followed the designed path. I got access to one of the accounts (without flag) after initial foothold, and then immediately got root (and thus user 10 seconds later)…

Fun box. Real life enough to be encountered for real somewhere.

Hints:

  • Initial: You don’t need to search for exploit code once you find the interesting part. It’s more interesting to use the big text somebody has written. Just use tools made for the job, to find credentials and get your foothold.
  • With foothold: Enumerate, and think about the name of the box
  • With user access: Your power cannot be contained!

Rooted! Pm on htb for nudges :slight_smile:

Nice box. Did some things I knew were possible, but I never have done. Looking forward to seeing some walkthroughs of this one.

Finally Rooted.
PM me if you need any nudge, I like to help :smile:

Well, I got to the r******r.**p page, but whatever I do it doesn’t let me proceed. What I’ve found, has to be done authenticated but nothing works. Could someone give me nudge?

Type your comment> @grav3m1ndbyte said:

Well, I got to the r******r.**p page, but whatever I do it doesn’t let me proceed. What I’ve found, has to be done authenticated but nothing works. Could someone give me nudge?

Nevermind…I found what I needed.

Type your comment> @grav3m1ndbyte said:

Type your comment> @grav3m1ndbyte said:

Well, I got to the r******r.**p page, but whatever I do it doesn’t let me proceed. What I’ve found, has to be done authenticated but nothing works. Could someone give me nudge?

Nevermind…I found what I needed.

WOW! I wasn’t expecting this! ROOTED! My first box in months after having to step out of HTB!

# id
uid=0(root) gid=0(root) groups=0(root)
#     	

Found a video that demonstrates a relevant SQLI but cant get it to work. Has anyone used this?

… Reset and works.

\m/ ROOTED …
Initial Foothold is the tricky one.
Next Exploit to get he shell is pretty easy which further requires enum …
User Flag is a peice of cake
Getting to root again is a tricky one … many hints are already present in the forum “GTFO” I was new to this term … many things to learn from this box…

PM me for nudges :smile:

The good feeling after getting done with the box. One of the boxes where you get initial foothold everything will be sequential. Enumerate and Enumerate. User was good fight but root was way too straightforward if it was intended. Anyways willing to help out the stuck ones :+1: