Official Tabby Discussion

Rooted. Fun box, more than enough hints around. Message me if you need a nudge.

Dang that was intense… Racing the reboots and learning a bunch of new things. Great box! As others have said, TONS of useful hints already, but foothold was definitely the most difficult part.

@Raybz said:

I would love to get some nudges right now. I’ve found the L**, and found the t***** logon information, but not really sure where I need to move from there? Any help would be greatly appreciated!

DM me bro

Rooted! Not sure if this was the right choice for my first box, but it was fun.

DM for any nudges.

got stuck on foothold. got the xml file, successfully uploaded the war, deployed it, started it, but doesn’t call back to me. Tried multiple payloads. maybe i’m just stupid. any tips?

@davesipos said:

got stuck on foothold. got the xml file, successfully uploaded the war, deployed it, started it, but doesn’t call back to me. Tried multiple payloads. maybe i’m just stupid. any tips?

i’m assuming you’re talking about msf.
check the target setting too. you may have to change that to something more suitable.
& make sure you’re using the correct one for what you can access.

@kcaaj said:

@davesipos said:

got stuck on foothold. got the xml file, successfully uploaded the war, deployed it, started it, but doesn’t call back to me. Tried multiple payloads. maybe i’m just stupid. any tips?

i’m assuming you’re talking about msf.
check the target setting too. you may have to change that to something more suitable.
& make sure you’re using the correct one for what you can access.

Thank you, worked. Respect is on its way.

Spoiler Removed

I don’t know why I tried to look so much further than what was required for user… From the initial enum of the ip address, it was clear that there was supposed to be that kind of file, given the nature of HTB, but somehow I just kept going deeper and deeper into that rabbit hole.

Anyway, getting the initial foothold was quite accessible, but delivering it in the right way was tricky for me.

root@tabby:~# whoami && id && hostname
root
uid=0(root) gid=0(root) groups=0(root)
tabby

Thanks for the nudges, everyone in the forum. Great box, learned a few new things.

Rooted! tq.

DM for any nudges

Good fun and a nice first box after a month away from my darling PC.

Foothold: Install the software the easiest way possible. Then locate where the file you need is saved on your machine. Don’t forget to check at the source if you think it’s not working.

User: Find a file owned by your target and brutalize that ■■■■.

Root: What are you a part of?

I tried to root with the ***. I built the *** without errors and uploaded it to the server, but when I try to import I get Error: Unsupported compression

Can someone help with this?

I need a hint.

I have found a lot of information like the documentation etc. and even a field to l*g**

And I did a lot of enumeration but can’t seem to access or find the t****t file.

Any hints would be appreciated.

Feeling pretty frustrated rn, spent a good amount of time getting a low level shell, and now I’m struggling to transfer the 161*****.zp file to my local machine. Can’t use SimpleHSeer, so I’m really not sure how I’m supposed to take a crack at it.

If anyone could give me a nudge or a PM I’d really appreciate it

If anyone needs hints, can hit my inbox.

@nothades said:

Feeling pretty frustrated rn, spent a good amount of time getting a low level shell, and now I’m struggling to transfer the 161*****.zp file to my local machine. Can’t use SimpleHSeer, so I’m really not sure how I’m supposed to take a crack at it.

If anyone could give me a nudge or a PM I’d really appreciate it

Look at exactly which version of pyn is supported by the box and use the h***er syntax for that particular version.

@nothades said:

Feeling pretty frustrated rn, spent a good amount of time getting a low level shell, and now I’m struggling to transfer the 161*****.zp file to my local machine. Can’t use SimpleHSeer, so I’m really not sure how I’m supposed to take a crack at it.

If anyone could give me a nudge or a PM I’d really appreciate it

Try using nc instead.

Rooted. If anyone needs help, DM me.

huge shout-out to those dickless assholes who are removing my war file, ■■■■ you motherfuckers… you ain’t gonna get anywhere while doing so!!
get your war file shoved up deep into your asses!!!