Cache

11011131516

Comments

  • I have found the p*****, and the pdf which describes the vulnerabilities, but I cannot exploit either of them. Any help would be highly appreciated!

  • Took me a while, but finally rooted. Thanks to @ASHacker for the box creation, and @MrHyde for some helpful hints.

    If you need a nudge or hint, pm me!!

  • edited May 2020

    i cant find that H************, uff - can someone give a hint? pm
    edited: wow i messed up about 3 hours with a typo rofl

    r4bit

  • *Spoiler Removed*
  • YEY for root.

    Footholder: Enumerate everything and take notes.
    -Get to know the author.
    -Make things close to home
    -The internet is your friend
    First User: Sometimes it is that simple, if you enumerated from the start.
    Second user: cached
    Root: Please leave.

    I was nudged, I would love to return the favor.

  • Hi,
    Awesome box, thanks @ASHacker :)
    Feel free to PM me if you need help.

  • Ok, here for the first time I got root before user.
    That would be just ok, if only not because I really have no clue on how it could have been achieved differently...
    I mean, the path was so straightforward that i hardly can imagine how user could be useful to get to root...
    If anyone wants to help me in understanding something more, please pm me, becasue i have the horrible sensation of having missed something that is worth to learn...

    echo start dumb.bat > dumb.bat && dumb.bat
    doh!

  • @Chobin73 said:

    If anyone wants to help me in understanding something more, please pm me, becasue i have the horrible sensation of having missed something that is worth to learn...

    I'd be happy to discuss this because I cant see how you'd get to the root without hopping through user.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • Type your comment> @TazWake said:

    @Chobin73 said:

    If anyone wants to help me in understanding something more, please pm me, becasue i have the horrible sensation of having missed something that is worth to learn...

    I'd be happy to discuss this because I cant see how you'd get to the root without hopping through user.

    i sent you a pm..

    echo start dumb.bat > dumb.bat && dumb.bat
    doh!

  • @Chobin73 said:

    Type your comment> @TazWake said:

    @Chobin73 said:

    If anyone wants to help me in understanding something more, please pm me, becasue i have the horrible sensation of having missed something that is worth to learn...

    I'd be happy to discuss this because I cant see how you'd get to the root without hopping through user.

    i sent you a pm..

    Nice one - thank you!

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • Rooted! Happy to answer any questions via a pm

    jpredo

  • Has anyone exploited the box without sqlmap? I would have a question for manual exploiting.

  • I really enjoyed this machine. Many many hints exist on here, I don't think I can add anything at least. Cheers to @ASHacker for a decent box. DM me, should you wish, for nudges or poke me over on Discord.

    5ysk3y

    For assistance:

    1) Give me some insight as to what you've tried already, or ideas you've moved past
    2) Don't expect me to give you the answer-- that defeats the object of being here.

    If you find my assistance useful, in any case, please consider clicking that awesome respect button on my profile!

  • A very honest tip gained from struggling, if your P******P***** is disabled/not working and restarting doesn't help switch to a different server immediately. for the EU free server it was impossible to work on due to instability of machine and people who use exploits without knowledge and consideration about others !!

    Atomman

  • Just GotRoot! This is one of my favorites boxes. Not sure if I followed the designed path but I got root before I got user, curious to see other peoples wright-ups later on. I did get stuck twice on this box ( initial foothold and root privesc)

    Nudges:
    Initial foothold: Don't overthink this or go for the rabbit holes. Make sure to enumerate the page and read everything for clues. Once you know you are in the right place GOOGLE.
    User: Once you find yourself with a shell enumerate and investigate anything interesting
    Root: Easiest root I've ever done. simple privesc script and a quick google is all you need

    GotRoot
    If I helped you out at all, feel free to click my badge and give +1 respect!

  • Congrats to @ASHacker for making an excellent box. If you are still working on it, do not get ahead of yourself w/fuzzing. The rest should fall into place.

  • Fun and interesting box! I have learnt a few thing!
    Congrats @ASHacker !

  • Took me too long to get the initial foothold. I don't think I followed the designed path. I got access to one of the accounts (without flag) after initial foothold, and then immediately got root (and thus user 10 seconds later)..

    Fun box. Real life enough to be encountered for real somewhere.

    Hints:

    • Initial: You don't need to search for exploit code once you find the interesting part. It's more interesting to use the big text somebody has written. Just use tools made for the job, to find credentials and get your foothold.
    • With foothold: Enumerate, and think about the name of the box
    • With user access: Your power cannot be contained!

    Hack The Box

    Need help?

    1) Describe to me what you already tried, what you think the next step is, and where you are stuck.
    2) I'll give you a nudge!

    If I helped you get your flags, please consider going to my profile and adding +1 respect!

  • Rooted! Pm on htb for nudges :)

  • Nice box. Did some things I knew were possible, but I never have done. Looking forward to seeing some walkthroughs of this one.

    Hack The Box

  • Finally Rooted.
    PM me if you need any nudge, I like to help :smile:

  • Well, I got to the r******r.**p page, but whatever I do it doesn't let me proceed. What I've found, has to be done authenticated but nothing works. Could someone give me nudge?

    Hack The Box
    CISSP | eJPT

  • Type your comment> @grav3m1ndbyte said:

    Well, I got to the r******r.**p page, but whatever I do it doesn't let me proceed. What I've found, has to be done authenticated but nothing works. Could someone give me nudge?

    Nevermind...I found what I needed.

    Hack The Box
    CISSP | eJPT

  • Type your comment> @grav3m1ndbyte said:

    Type your comment> @grav3m1ndbyte said:

    Well, I got to the r******r.**p page, but whatever I do it doesn't let me proceed. What I've found, has to be done authenticated but nothing works. Could someone give me nudge?

    Nevermind...I found what I needed.

    WOW! I wasn't expecting this! ROOTED! My first box in months after having to step out of HTB!

    # id
    uid=0(root) gid=0(root) groups=0(root)
    #       
    

    Hack The Box
    CISSP | eJPT

  • edited June 2020

    Found a video that demonstrates a relevant SQLI but cant get it to work. Has anyone used this?

    .. Reset and works.

  • \m/ ROOTED ..
    Initial Foothold is the tricky one.
    Next Exploit to get he shell is pretty easy which further requires enum ...
    User Flag is a peice of cake
    Getting to root again is a tricky one ... many hints are already present in the forum "GTFO" I was new to this term .. many things to learn from this box..

    PM me for nudges :smile:

  • The good feeling after getting done with the box. One of the boxes where you get initial foothold everything will be sequential. Enumerate and Enumerate. User was good fight but root was way too straightforward if it was intended. Anyways willing to help out the stuck ones :+1:

    3zCulprit

  • what a journey :) thanks for the creators not a hard machine but definitely a nice machine, i learned again about xxxxxcache :) , and added to my notes, i think get a 2 user from the first enumeration was not planed right? its a bug??
    for root if you cant sudo -l try to look for groups, then is enough hints on this forum.

    if someone stucks dm and tell me what you have and what you tried.

    there is no place like 127.0.0.1
  • edited June 2020

    I'm asking myself, why people don't respect the HTB rules and post public writeups on unretired boxes...

    Nism0

  • edited June 2020

    Rooted.
    Great box @ASHacker, thank you!
    Skills++.

    Didn't figure out how I was suppose to get user first. If someone could DM me about this, I'd appreciate.

    Root was pretty easy.

    Nism0

Sign In to comment.