Official Tabby Discussion

Comments

  • I don't understand what to do after getting h***-m****** creds

  • @dhruvarora said:

    > I don't understand what to do after getting h***-m****** creds

    look at what he is able to do

  • edited June 2020

    Can somebody give me a nudge for root? I am so close to it, I'm just having some syntax issues.

    Edit:
    Got root, interesting machine.

  • Can someone nudge toward getting a shell/next steps once on the h...-m....... page...?

    I tried finding w.. files and uploading but no luck

    thanks

  • another brick wall after getting through the login after finding the file.
    It seems that we only have a role for vh? any nudges?

    zweeden

  • Can someone give me a nudge in PM? I am stuck; I only have 3 ports discovered and have tried everything I had on tomcat. I know I have to read a file, but how? And what is the L** thingy?

  • edited June 2020
    Rooted this machine. Foothold is tricky. Learnt a bunch about t**c*t and new privesc. Easy machine.
    My hints:
    -----Foothold: The docs given in the webpage are not enough. It's better to run it locally.
    -----User: Enumerate where you landed and it's in front of you.
    -----Root: Check where you're at additionally. Google FU. Root can be done in under 3 minutes.

    Thanks for the box creator @egre55 .
    PM for cryptic nudges.

    A Chemist doing Penetration Testing - Check the Story here: BinaryBiceps

  • Good night, I'm trying privilege escalation, but I get an error (Error: open)

  • edited June 2020

    Stuck on getting shell after getting creds for h***-m******, would appreciate any nudges/hints.
    Thanks!

    Edit: Finally got root. Learned a lot about t****t with this one... Thanks to @syro for the nudge

  • @White43 said:
    > Stuck on getting shell after getting creds for h***-m******, would appreciate any nudges/hints.
    > Thanks!

    Same boat here. Any nudges would be greatly appreciated.

    zweeden

  • Finally rooted after a few days😧

  • ~ # whoami
    root
    ~ # cat /root/root.txt
    cat: can't open '/root/root.txt': No such file or directory
    ~ #

    yo what happened with this box???

  • @soraa said:

    > ~ # whoami
    > root
    > ~ # cat /root/root.txt
    > cat: can't open '/root/root.txt': No such file or directory
    > ~ #
    >
    > yo what happened with this box???

    Read the blog you referred to once again clearly.

    A Chemist doing Penetration Testing - Check the Story here: BinaryBiceps

  • @gunroot said:

    > @soraa said:
    >
    > > ~ # whoami
    > > root
    > > ~ # cat /root/root.txt
    > > cat: can't open '/root/root.txt': No such file or directory
    > > ~ #
    > >
    > > yo what happened with this box???
    >
    > Read the blog you referred to once again clearly.

    yea mb i gottem now xd i got too excited

  • edited June 2020
    Nice box! :-)

    root@tabby:~# id && hostname && ip addr | awk '/inet 10.10.10/ {print $2}'
    uid=0(root) gid=0(root) groups=0(root)
    tabby
    10.10.10.194/24

    Thanks @egre55 :smiley:

  • Stuck on finding tc-u****.l . I have tried possible paths as suggested, tried the path after running it locally and even read the tc.s****** file with L; however, even that path failed.

    Any nudges would be greatly appreciated.

  • @StamGR said:

    > Stuck on finding tc-u****.l . I have tried possible paths as suggested, tried the path after running it locally and even read the tc.s****** file with L; however, even that path failed.
    >
    > Any nudges would be greatly appreciated.

    don't use guides to install it, just install it
    and when you try in htb pay attention to the response (a tool allows you to easily see it if you can't see it)

    I'm blocked on the next step.... failing to start something after correctly sending it..... maybe I need to understand something about VH before using it?

  • Been stuck on finding the x*l file path for a couple of days. Have installed everything locally and know where it 'should' be. Can someone help me out? Thanks

  • I got access to host-manager panel but I don't find a way to upload files...

  • finally rooted!!! anyone who is in need of a nudge can dm me

  • edited June 2020

    when I look at the t****-****s.**l file, I don't see a user setup with the manager-gui role. Am I missing something?

    Arrexel

  • Finally completed this box and I have to say, not the easiest 'easy' box I've ever done mainly due to difficulty actually finding certain key files but I guess that would be like real life. Once the key files are found the next steps could be considered easy.

    Many thanks to @syro and @gunroot for the nudges that got me there.

    Good luck everyone.

  • Got Root...

    User: Enum services, search any suspect files/situations, try to grab creds, some files you can't read in browser, try another way.
    Root: A basic enumeration in the system will show you the way if the users stop f******** resetting the machine...

    PM me for hints...

  • edited June 2020

    Rooted!

    Pretty straightforward box with a few caveats where you really need to pay attention to detail. Here are my hints for those who are struggling:


    Foothold: By far, the hardest part of this box. Enumerate everything you find and question how the application might behave if you were to write it. If you find anything that is exploitable, think about how you may want to later abuse that. If you try re-creating this box yourself, you will be on a good path.

    User: Enumerate as much as you possibly can and think of simple things system administrators often do.

    Root: Try installing the same Linux distro as this box and ask yourself how your privileges have changed since the foothold.


    Feel free to PM me if all this still feels too cryptic!

  • Spoiler Removed

  • I'm French.
    We decapitated our king, long time ago.
    The next dude that resets the perfectly working box will be immediately crowned as my king.

    Apart from that, what a box. I got user, on my way for root, and I never was aware that Curl could help me in those ways.

    Enumeration was frankly a pain, until I just installed the service on my machine, and started learning about how it is settled, how it works and what "The war never changes" means.

    Hack The Box

  • @Somnus said:

    > The biggest push/hint I could give you is:
    >
    > on your local Kali box
    >
    > sudo apt-get install .....
    >
    > find / -iname ....
    >
    > ???
    >
    > Profit :)

    I've tried that and pulled a few other things from files that I know will be there/accessible. They point to dirs and files that I've already tried with no love. I feel like I'm missing something obvious, but tried both the normal paths and stuff indicated within the system. Local install shows a clear path, but no love on the target. Just can't get what I'm missing, been looking at it for 3 days.

  • @sloth1985 said:

    > Well, like a lot of other people on here I'm having trouble finding a certain file for the initial foothold. I've tried installing t****t locally as a few people have suggested and the file I am looking for is where it should be (two places in fact) but using the same path(s) on Tabby gives me nothing.
    >
    > I'm a little bit stuck now.

    yep, same thing man, tried fuzzing too, no love, but may be slightly off on syntax. Finding the initial vuln and knowing what I need to look for only took 30 mins, but after that....nothing. Looked in several system files that indicate where stuff usually 'lands' but no love when trying them.

  • @initinfosec said:

    > @sloth1985 said:
    >
    > > Well, like a lot of other people on here I'm having trouble finding a certain file for the initial foothold. I've tried installing t****t locally as a few people have suggested and the file I am looking for is where it should be (two places in fact) but using the same path(s) on Tabby gives me nothing.
    > >
    > > I'm a little bit stuck now.
    >
    > yep, same thing man, tried fuzzing too, no love, but may be slightly off on syntax. Finding the initial vuln and knowing what I need to look for only took 30 mins, but after that....nothing. Looked in several system files that indicate where stuff usually 'lands' but no love when trying them.

    I think the people that say it is right in front of you are a little off the mark. Yes, it is on the path of one of the locations you should find fairly easily, but if you guess it you made one hell of a leap. There is a much, much easier way to find the exact path with zero guessing. Think of different ways you might search for something installed on your workstation. Now think of what files it uses and access those.

  • @0ryuk0 said:

    > @StamGR said:
    >
    > > Stuck on finding tc-u****.l . I have tried possible paths as suggested, tried the path after running it locally and even read the tc.s****** file with L; however, even that path failed.
    > >
    > > Any nudges would be greatly appreciated.
    >
    > don't use guides to install it, just install it
    > and when you try in htb pay attention to the response (a tool allows you to easily see it if you can't see it)
    >
    > I'm blocked on the next step.... failing to start something after correctly sending it..... maybe I need to understand something about VH before using it?

    gotcha - installing confirmed why I might not be able to see what I'm looking for, but not really sure how to get around it. Will keep digging.
