Official Tabby Discussion


Comments

  • @holeymoley said:

    @p3r14n3gr4 said:

    @holeymoley said:

    @p3r14n3gr4 said:

    I have the credentials. How can I login to the m*****r? Or, how can I jump from the h**t-M*****r to the M*****r?

    You don't need to jump higher, current user can do it. Check the vendor's docs as to what you can do with the powers of the 'role' you have. A bit of curley-wurley later, then to a txt mode will get you off to war soon enough...

    Trying that, but "401 Unauthorized" always

    try to enclose your pwd in single quotes in your command - there are a few characters in it that might be expanded otherwise... also double and treble check the path in the address you call, it should be to m*****r not ****-******r

    I gave you respect

  • @Achille said:

    Root: I realized what to exploit almost immediately (thanks Google) but then I wasted a lot of time due to a "location" issue. Nice technique btw!

    I think I have the same problem and, frankly, I think I'm going crazy. A little nudge, maybe?

  • I'm new in this (not very). Just a hint, where to look? No big hints.. just a guidance will do. Thanks in advance.

  • Hi everybody, I'm stuck logged in as t****t in h***-******r.
    Can someone give me a nudge?
    Thanks.
  • @Invited said:

    Hi everybody, I'm stuck logged in as t****t in h***-******r.
    Can someone give me a nudge?
    Thanks.

    text mode is the answer. Read the docu you have in the manager app

  • @nubie1989 said:
    I'm new in this (not very). Just a hint, where to look? No big hints.. just a guidance will do. Thanks in advance.

    news

  • edited June 25

    @Invited said:
    Hi everybody, I'm stuck logged in as t****t in h***-******r.
    Can someone give me a nudge?
    Thanks.

    text mode. Look at your user privileges in the file you found with the password, then read what those privileges mean in the docu you have on the app

  • @p3r14n3gr4 said:

    @nubie1989 said:
    I'm new in this (not very). Just a hint, where to look? No big hints.. just a guidance will do. Thanks in advance.

    news

    can't parse xml..

  • For the privesc section I got this error when I run the final command l*c e**c **** /bin/sh

    ~ # ;5R;5Rid
    ;5R;5Rid
    /bin/sh: syntax error: unexpected ";"

    is this normal ???

  • @nubie1989 said:

    @p3r14n3gr4 said:

    @nubie1989 said:
    I'm new in this (not very). Just a hint, where to look? No big hints.. just a guidance will do. Thanks in advance.

    news

    can't parse xml..

    Any idea why not?

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • @zaaza said:

    For the privesc section I got this error when I run the final command l*c e**c **** /bin/sh

    ~ # ;5R;5Rid
    ;5R;5Rid
    /bin/sh: syntax error: unexpected ";"

    is this normal ???

    No but I've seen it happen. The display is not showing as normal but that shouldn't be an issue. Try backspacing a few times to make sure it hasn't carried across extra characters.

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • A little guidance in order to become user 1000? I'm stuck on my t****t user shell

  • @TazWake said:

    @nubie1989 said:

    @p3r14n3gr4 said:

    @nubie1989 said:
    I'm new in this (not very). Just a hint, where to look? No big hints.. just a guidance will do. Thanks in advance.

    news

    can't parse xml..

    Any idea why not?

    because I can't find this bitc* file. It's not in et*/***/***xml

  • @nubie1989 said:

    because I can't find this bitc* file. It's not in et*/***/***xml

    Ok, that's a different problem than parsing the XML though :smile:

    The main thing I can suggest is try fuzzing for possible locations. You have a few paths, so maybe try combining them a little bit.

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • That was a really good box. Not sure why I've seen some comments bitching about it being CTFish, there was literally nothing remotely CTF about it. If that was your conclusion you missed steps or didn't understand what you were doing or why.

    I effing hated the foothold while I was doing it, but it's only because I was too dumb to know a better way to do it, so this box really hammered some important things home.

    Hilbert

  • Rooted! What a journey. Fun to do, but the foothold was annoying

  • @p3r14n3gr4 said:

    A little guidance in order to become user 1000? I'm stuck on my t****t user shell

    use the information you have (hopefully) gathered along the way -- the information is there if you have done all the enumeration that you should have... keep searching! what you need is available if you look at what you have access to...

    Ricm916

  • It was annoying reading posts about how easy people found the last stage as I ran into error after error and spent ages getting nowhere.

    Root:
    If it's not finding a file in the same folder, just go home and do it all from there.

    BTW. Whoever said hello in /tmp... made me smile so thanks LOL

    Arrexel
    eJPT

  • @thegingerninja said:

    It was annoying reading posts about how easy people found the last stage as I ran into error after error and spent ages getting nowhere.

    Root:
    If it's not finding a file in the same folder, just go home and do it all from there.

    BTW. Whoever said hello in /tmp... made me smile so thanks LOL

    hello

  • I found the t*****-*****.*ml file and I've got the man*** but I can't find a way to get the shell or any other thing.
    This is my first box so any help would be appreciated.

  • @Nihack said:
    > Stuck after getting the shell, any hint that gives me an idea of what file should I look for? Spent hours browsing the whole machine xD

    Try to search for a file written by the user
  • @0xstain said:
    > @Nihack said:
    > > Stuck after getting the shell, any hint that gives me an idea of what file should I look for? Spent hours browsing the whole machine xD
    >
    > Try to search for a file written by the user

    The file which needs some hammering on it. Enumerate the entire dir which you get while landing your initial shell. Remember the user is lazy.

    A Chemist doing Penetration Testing - Check the Story here: BinaryBiceps

  • Rooted, thx for box

    PM for nudge.

    Hack The Box

  • Done it, learnt a few interesting things.
    Foothold: someone says it's ctfy, someone not... well, I think it depends a lot on your mindset. If you are one who thinks that an easy machine should spoonfeed everything to go ahead, then yes, you can think it's ctf.
    If you think that a machine, whatever level it should be, must drive you in a learning path, then it is not at all.
    User: wysiwyg
    Root: I literally spent hours trying to understand why I was failing despite doing exactly what was needed... then eventually I discovered that gaining a working shell sometimes is not enough...

    echo start dumb.bat > dumb.bat && dumb.bat
    doh!

  • Did the priv esc, but not sure if it was the intended path because it was unintended on some other boxes

  • Hi,

    Got the shell as user t*****t, but from here I don't see any direction to find the user flag.
    Find all files that the user has access to, but I just don't get how to do this.
    Any help will be nice

  • Well, foothold wasn't that easy for me, I think it's difficult to guess and to deal with that service to do what you want to do. The rest, pretty straightforward.

    Foothold: my hint is, try to read that file exploiting that L** vuln. Then you just have to use what you got, and read the service docs; using GUI is not always the best way to upload things, you can use other Terminal tools.

    User: just enum, begin always near where you start, and look for files that you can read (can you?)

    Root: well, it was new to me, so I had to spend a long time checking l****um and other tools' output... you need to know "who you are", and then check what you can do with that on Google; you will find a POC to exploit that easily. This part is hard when you use free labs

    PM if you need some help

    Hack The Box

  • edited June 26

    @GoorMoon said:

    Hi,

    Got the shell as user t*****t, but from here I don't see any direction to find the user flag.
    Find all files that the user has access to, but I just don't get how to do this.
    Any help will be nice

    Have you identified the username on the system you are trying to compromise? If so, then Google is your friend -- search how to use the 'find' command to search the system for files owned by that user, and dig deeper... "the answer is out there, Neo, and it's looking for you, and it will find you if you want it to..." (no - that's not a hint or a nudge...)

    Ricm916

  • @ricm916 said:

    @GoorMoon said:

    Hi,

    Got the shell as user t*****t, but from here I don't see any direction to find the user flag.
    Find all files that the user has access to, but I just don't get how to do this.
    Any help will be nice

    Have you identified the username on the system you are trying to compromise? If so, then Google is your friend -- search how to use the 'find' command to search the system for files owned by that user, and dig deeper... "the answer is out there, Neo, and it's looking for you, and it will find you if you want it to..." (no - that's not a hint or a nudge...)

    Thanks,

    How stupid I was :)

  • @GoorMoon said:

    @ricm916 said:

    @GoorMoon said:

    Hi,

    Got the shell as user t*****t, but from here I don't see any direction to find the user flag.
    Find all files that the user has access to, but I just don't get how to do this.
    Any help will be nice

    Have you identified the username on the system you are trying to compromise? If so, then Google is your friend -- search how to use the 'find' command to search the system for files owned by that user, and dig deeper... "the answer is out there, Neo, and it's looking for you, and it will find you if you want it to..." (no - that's not a hint or a nudge...)

    Thanks,

    How stupid I was :)

    We are never stupid... just stumped sometimes... it's easy to NOT SEE what is right in front of you... in the past, when I was stumped while working on a project, I would go explain to someone what I was doing and where I was stuck, and usually just talking through it to someone else (who didn't have to be knowledgeable with the subject matter, in fact better if not) would open my mind to what I was missing...

    Good Luck!

    Ricm916
