Official Tabby Discussion

Can someone nudge toward getting a shell/next steps once on the h…-m… page…?

i tried finding w… files and uploading but no luck

thanks

another brick wall after getting through the login after finding the file.
It seems that we only have a role for vh? any nudges?

Can someone give me a nudge in PM. I am stuck, I only have 3 port discovered and try everything I had on tomcat. I know I have to read a file but how. And what is the L** thingy?

Rooted this machine. Foothold is tricky. Learnt a bunch about t**c*t and new priviesc. Easy machine.
My hints:
-----Foothold: The docs given in the webpage is not enough. It’s better to run it locally.
-----User: Enumerate where you landed and it’s in front of you.
-----Root: Check where you’re at additionally. Google FU. Root can be done in under 3 minutes.

Thanks for the box creator @egre55 .
PM for cryptic nudges.

Good night, I’m trying to privilege scalation, but I get an error (Error: open)

Stuck on getting shell after getting creds for h***-m******, would appreciate any nudges/hints.
Thanks!

Edit: Finally got root. Learned a lot about t****t with this one… Thanks to @syro for the nudge

Type your comment> @White43 said:

Stuck on getting shell after getting creds for h***-m******, would appreciate any nudges/hints.
Thanks!

Same boat here. Any nudges would be greatly appreciated.

Finally rooted after few days?

~ # whoami
root
~ # cat /root/root.txt
cat: can’t open ‘/root/root.txt’: No such file or directory
~ #

yo what happen with this box???

Type your comment> @soraa said:

~ # whoami
root
~ # cat /root/root.txt
cat: can’t open ‘/root/root.txt’: No such file or directory
~ #

yo what happen with this box???

Read the blog you referred once again clearly.

Type your comment> @gunroot said:

Type your comment> @soraa said:

~ # whoami
root
~ # cat /root/root.txt
cat: can’t open ‘/root/root.txt’: No such file or directory
~ #

yo what happen with this box???

Read the blog you referred once again clearly.

yea mb i gottem now xd i got too excited

Nice box! :slight_smile:

root@tabby:~# id && hostname && ip addr | awk ‘/inet 10.10.10/ {print $2}’
uid=0(root) gid=0(root) groups=0(root)
tabby
10.10.10.194/24

Thanks @egre55 :smiley:

Stuck on finding tc-u****.l . I have tried possible paths as suggested, tried path after running it locally and even read tc**.s****** file with L** however ,even that path failed.

Any nudges would be greatly appreciated.

Type your comment> @StamGR said:

Stuck on finding tc-u****.l . I have tried possible paths as suggested, tried path after running it locally and even read tc**.s****** file with L** however ,even that path failed.

Any nudges would be greatly appreciated.

don’t use guides to install it, just install it
and when you try in htb pay attention to the response (a tool allows you to easily see it if you can’t see it)

i’m blocked on the next step… failing to start something after correctly sending it… maybe i need to understand something about VH before using it?

Been stuck on finding the x*l file path for a couple days. Have installed everything locally and know where it ‘should’ be. Can someone help me out. Thanks

I got access to host-manager panel but I don’t find a way to upload files…

finally rooted!!! anyone who is in need of a nudge can dm me

when I look at the t****-****s.**l file, I don’t see a user setup with the manager-gui role. Am I missing something?

Finally completed this box and I have to say, not the easiest ‘easy’ box I’ve ever done mainly due to difficulty actually finding certain key files but I guess that would be like real life. Once the key files are found the next steps could be considered easy.

Many thanks to @syro and @gunroot for the nudges that got me there.

Good luck everyone.

Got Root…

User: Enum services, search any suspect files/situations, try to grab creds, some files you can’t read in browser, try another way.
Root: A basic enumeration in the system will show you the way if the users stop to f******** reset the machine…

PM me for hints…