Official Blunder Discussion

13468919

Comments

  • Rooted
    Not going to say much since there is a ton of hints already in the forums.
    PM me if you need a nudge

    GotRoot
    If I helped you out at all, feel free to click my badge and give +1 respect!

  • thanks for the box it was great if anyone needs nudges or help for doing the manual exploit (without msf) send me a pm

  • edited June 4

    I have credentials for H**o and a meterpreter session as www, but it wont let be run su H&&o as the command isnt recognised. Anyone know how to change users in meterpreter or indeed a nudge or what to do with H&&o credentials?

  • @BugsBunny said:

    I have credentials for Ho and a meterpreter session as www, but it wont let be run su Ho as the command isnt recognised. Anyone know how to change users in meterpreter or indeed a nudge or what to do with H**0 credentials?

    Improve your shell.

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • Hello I need help, I have the username and password F ***, but I got stuck there; i got the cve but i need a push

  • Type your comment> @jesus62175 said:

    Hello I need help, I have the username and password F ***, but I got stuck there; i got the cve but i need a push

    There is a POC for that CVE. Google will give you if you ask correctly ๐Ÿ˜‰.
    There is also a dedicated module written for most favorite exploitation software.

    A Chemist doing Penetration Testing - Check the Story here: BinaryBiceps

  • Type your comment> @gunroot said:

    Type your comment> @jesus62175 said:

    Hello I need help, I have the username and password F ***, but I got stuck there; i got the cve but i need a push

    There is a POC for that CVE. Google will give you if you ask correctly ๐Ÿ˜‰.
    There is also a dedicated module written for most favorite exploitation software.

    but I get an error require manual cleanup of '.h*****' on the target

  • Soooo many rabbit holes after Initial Foothold for User, I feel so dumb I strayed so far from home... lol.

    Root was simple enough once u do like everyone says "back to basics".

    5p3c702

  • Rooted.
    All the necessary hints have already been given here, so I won't be adding any.
    Just don't overthink too much on the foothold, once you get the foothold, user and root is just minutes away! All the best!
    Thank you @egotisticalSW for this fun box!

  • Rooted!! Fun box, easy but not immediate. Thank you @Zaitchev for nudges. You'll think "I'm a fool" when you root it.
    There's my hint:

    FOOTHOLD: the conventional standard ways are not the right way. Use your hands ;) The CVEs are you're friends.
    USER: just enum everything. EVERYTHING!
    ROOT: the basics of privesc. Google ALL, !

    PM for hints ;)

  • Type your comment> @jesus62175 said:

    Type your comment> @gunroot said:

    Type your comment> @jesus62175 said:

    Hello I need help, I have the username and password F ***, but I got stuck there; i got the cve but i need a push

    There is a POC for that CVE. Google will give you if you ask correctly ๐Ÿ˜‰.
    There is also a dedicated module written for most favorite exploitation software.

    but I get an error require manual cleanup of '.h*****' on the target

    I never got that particular error (I got a different one) but you might want to double check that you have the module set up properly. I suppose reading the module's source code is enough but this thread had a hint earlier about intercepting the request with burp and making sure that it's doing what you think it's doing and that made my error really obvious.

  • Awesome box ! All the nudges given in this forum are sufficient to get you through.
    If stuck, message me for nudges.
    ROOTED!

  • can anyone help me...
    my msf exploit is not working :tired_face:
    i have tried everything
    i even tried to manually do it but got no luck
    can someone please help me

    Hack The Box

  • edited June 5

    I think i got the right user for initial foothold from t*.t file and tried brute forcing with a python script. But I don't think i have the right wordlist for the password. Help would be much appreciated!

  • Nice machine... Thanx @egotisticalSW.

  • @de4dgh0st said:

    can anyone help me...
    my msf exploit is not working :tired_face:
    i have tried everything

    There is a good chance you haven't tried everything.

    i even tried to manually do it but got no luck

    If it helps, I struggled with manual exploitation to the point at which I gave up.

    can someone please help me

    Check all your settings and payload.

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • Fun machine, thank you @egotisticalSW :)

    Got stuck long time on the foothold.
    Once I found the user I got something Cewl going on :smiley: and snaked it up

    Always happy to help others. 100% human

    https://www.mindfueldaily.com/livewell/thank-you/

  • Type your comment> @TazWake said:

    @de4dgh0st said:

    can anyone help me...
    my msf exploit is not working :tired_face:
    i have tried everything

    There is a good chance you haven't tried everything.

    i even tried to manually do it but got no luck

    If it helps, I struggled with manual exploitation to the point at which I gave up.

    can someone please help me

    Check all your settings and payload.

    yeah i got it...
    thxx

    Hack The Box

  • @de4dgh0st said:

    yeah i got it...
    thxx

    Awesome!

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • Type your comment> @mukilan1600 said:
    > I think i got the right user for initial foothold from t*.t file and tried brute forcing with a python script. But I don't think i have the right wordlist for the password. Help would be much appreciated!

    Make a CraWL.
  • Rooted! Fun box, not immediate (at least, not for new people like me). Had to read carefully everything for the initial step, then some searches on new CVEs helped for the user part. The root part was the easiest one, rooted literally 30 seconds after gaining user access. Hope this is not a spoiler!
    PM for nudges if you need help!

    NB: I had to regenerate keys for lab access (I'm on EU Free server) because both user and root flags were at first rejected by the system (this seems an issue that others experienced, so maybe this can help other people with the same problem).

    Hack The Box

  • edited June 5

    Got user & root. Have to admit i found foothold very irritating, lots of resets and very slow connection, but such is life on the free server .
    The hints for this box were very useful too me, learnt about a new tool, which is cool ;).

    a3n3a

  • Spoiler Removed

    Hack The Box

  • edited June 6

    Rooted. Foothold was extremely annoying and I ended up having to use M********* which I really don't like to do. If you did this manually please DM me, I'd love to know what I did wrong.

    Simple Enumeration will get you user. Use what you've already found to your advantage.

    Root: Don't overcomplicate it like I did.

    Lots of rabbit holes...

    MrHyde

  • Type your comment> @UGlz said:
    > Rooted! Fun box, not immediate (at least, not for new people like me). Had to read carefully everything for the initial step, then some searches on new CVEs helped for the user part. The root part was the easiest one, rooted literally 30 seconds after gaining user access. Hope this is not a spoiler!
    > PM for nudges if you need help!
    >
    > NB: I had to regenerate keys for lab access (I'm on EU Free server) because both user and root flags were at first rejected by the system (this seems an issue that others experienced, so maybe this can help other people with the same problem).

    Hey. I don't think you need to regenerate your VPN keys to make the root & user hash to work. A simple reset is enough to make it work. I also encountered this issues a bunch of times, but the same hash worked after resetting the box.

    A Chemist doing Penetration Testing - Check the Story here: BinaryBiceps

  • Type your comment> @gunroot said:
    > Type your comment> @UGlz said:
    > > Rooted! Fun box, not immediate (at least, not for new people like me). Had to read carefully everything for the initial step, then some searches on new CVEs helped for the user part. The root part was the easiest one, rooted literally 30 seconds after gaining user access. Hope this is not a spoiler!
    > > PM for nudges if you need help!
    > >
    > > NB: I had to regenerate keys for lab access (I'm on EU Free server) because both user and root flags were at first rejected by the system (this seems an issue that others experienced, so maybe this can help other people with the same problem).
    >
    > Hey. I don't think you need to regenerate your VPN keys to make the root & user hash to work. A simple reset is enough to make it work. I also encountered this issues a bunch of times, but the same hash worked after resetting the box.

    Yes, I thought the same, but even resetting the machine didn't work for me (still don't know why) so after some time I tried regenerating keys and it worked. However of course maybe resetting is enough for other people!

    Hack The Box

  • Rooted ! Thanks to @devglass for a nudge dealing with the initial foothold. I think like most people I went down several rabbit holes.
  • Rooted...

    Muchas gracias a @7u1x y @algernope por todo su apoyo y paciencia.

    Thank you very much to @7u1x and @algernope for all your support and patience.

  • Hello! I'm stuck on the initial foothold for blunder. If anyone see this and is willing to give me a little nudge please DM me! Much appreciated!

  • Rooted..,
    I loved solving this machine

Sign In to comment.