Good fun and a nice first box after a month away from my darling PC.
Foothold: Install the software the easiest way possible. Then locate where the file you need is saved on your machine. Don't forget to check at the source if you think it's not working.
User: Find a file owned by your target and brutalize that shit.
Root: What are you a part of?
Happy to offer nudges to anyone on boxes I've done, provided you show that you've reasonably tried to understand what the goal is! If I do help, please consider giving respect!
Feeling pretty frustrated rn, spent a good amount of time getting a low level shell, and now I'm struggling to transfer the 161*****.z*p file to my local machine. Can't use SimpleH***Se**er, so I'm really not sure how I'm supposed to take a crack at it.
If anyone could give me a nudge or a PM I'd really appreciate it
Feeling pretty frustrated rn, spent a good amount of time getting a low level shell, and now I'm struggling to transfer the 161*****.z*p file to my local machine. Can't use SimpleH***Se**er, so I'm really not sure how I'm supposed to take a crack at it.
If anyone could give me a nudge or a PM I'd really appreciate it
looks exactly which version of py****n is supported by the box and use the h*******er syntax for that particular version.
Feeling pretty frustrated rn, spent a good amount of time getting a low level shell, and now I'm struggling to transfer the 161*****.z*p file to my local machine. Can't use SimpleH***Se**er, so I'm really not sure how I'm supposed to take a crack at it.
If anyone could give me a nudge or a PM I'd really appreciate it
huge shout-out to those dickless assholes who are removing my war file, fuck you motherfuckers...you aint gonna get anywhere while doing so!!
get your war file shove up deep into your asses!!!
Feeling pretty frustrated rn, spent a good amount of time getting a low level shell, and now I'm struggling to transfer the 161*****.z*p file to my local machine. Can't use SimpleH***Se**er, so I'm really not sure how I'm supposed to take a crack at it.
If anyone could give me a nudge or a PM I'd really appreciate it
scp is a great thing to learn to use!
Happy to offer nudges to anyone on boxes I've done, provided you show that you've reasonably tried to understand what the goal is! If I do help, please consider giving respect!
After bashing my head on a wall with the Travel box, this was a really nice one to work on. Foothold to Root after a working on it for few hours. Fun box!
OK... I literally wasted all day on the foothold for this box, even after I read the first few pages of this thread for hints... all the tips about "do more enumerating" did not help one bit. Even the pointers about the file location being written on the site somewhere didn't help....
In the end, it was my browser that screwed me.... so my nudge is... blank pages aren't necessarily empty.
Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.
Currently have very limited HTB time but will try to respond as quickly as possible.
Foothold: If you found initial vuln, take a look at something on the other port and enumerate. In kali you can find out the content of packet to fuzz with apt-file. If you found creds, google what founded roles give you, curl \ httpie \ ******-manager can help you to exploit in this situation.
User: take a look at some interesting file, you can bruteforce them. If it didn't help you, think about how people are lazy.
Root: it is not necessary to use automatic scripts. Just enumerate manually. There is only one sploit for this missconfiguration in searchsploit Don't overthing, try to find out more what your user can do on machine.
I found the T*****-*****.x** with creds and could log into /H***-M****** and stuck there. People all say read and dont skip over little details. I have read pretty thoroughly with no luck at this point. Nudges would be great. (Also have tried Curl instead of using browser to try and be creative, but unsure on how that could even help me any further)
I found the T*****-*****.x** with creds and could log into /H***-M****** and stuck there. People all say read and dont skip over little details. I have read pretty thoroughly with no luck at this point. Nudges would be great. (Also have tried Curl instead of using browser to try and be creative, but unsure on how that could even help me any further)
This file contain roles besides login and password. Google what rights that roles give you
Could anyone tell me how can I read the xml file to get credentials
Use a web browser and look at what it has sent you.
Maybe look what it's sent in Burp? I think some people have issues with looking in browser?
It is certainly more "In your face" if you use burp, but it's only a single click away in a browser and if people aren't checking things like that, they really should.
Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.
Currently have very limited HTB time but will try to respond as quickly as possible.
Could anyone tell me how can I read the xml file to get credentials
Use a web browser and look at what it has sent you.
Maybe look what it's sent in Burp? I think some people have issues with looking in browser?
It is certainly more "In your face" if you use burp, but it's only a single click away in a browser and if people aren't checking things like that, they really should.
Ahhh, thanks guys, didn't realise I could see in page source as well,
Comments
Good fun and a nice first box after a month away from my darling PC.
Foothold: Install the software the easiest way possible. Then locate where the file you need is saved on your machine. Don't forget to check at the source if you think it's not working.
User: Find a file owned by your target and brutalize that shit.
Root: What are you a part of?
Happy to offer nudges to anyone on boxes I've done, provided you show that you've reasonably tried to understand what the goal is! If I do help, please consider giving respect!
i tried to root wit the *** i build the *** without errors , upload to the server, but when i try to import i get Error: Unsupported compression
someone to help on this?
I need a hint.
I have found a lot of information like the documentation etc. and even a field to l*g**
And I did a lot of enumeration but can't seem to access or find the t****t file.
Any hints would be appreciated.
Feeling pretty frustrated rn, spent a good amount of time getting a low level shell, and now I'm struggling to transfer the 161*****.z*p file to my local machine. Can't use SimpleH***Se**er, so I'm really not sure how I'm supposed to take a crack at it.
If anyone could give me a nudge or a PM I'd really appreciate it
Type your comment> @nothades said:
looks exactly which version of py****n is supported by the box and use the h*******er syntax for that particular version.
@knock23 thank you so much man, I can finally sleep
Type your comment> @nothades said:
Try using nc instead.
Write-Ups here: https://catsandpancakes.github.io
Rooted, Si alguien necesita ayuda al DM
huge shout-out to those dickless assholes who are removing my war file, fuck you motherfuckers...you aint gonna get anywhere while doing so!!
get your war file shove up deep into your asses!!!
Rooted !
User and Root took me 1 hour. Foothoold days.. ! One big advice is .. install what you think to install for replicate the enviroment. Just apt.
DM if you are stuck !
Type your comment> @NFire0111111 said:
Finally rooted.
Same advice for annoying initial foothold, just install it using apt on your local.
Thanks @AidynSkullz for the nudge.
Wow, finally rooted!
The initial foothold drove me up a wall lol
Can't really say anything that hasn't been said here.
PM for nudges
Type your comment> @nothades said:
scp is a great thing to learn to use!
Happy to offer nudges to anyone on boxes I've done, provided you show that you've reasonably tried to understand what the goal is! If I do help, please consider giving respect!
Just got root. This was harder than some medium rated machines (or maybe its just me).
feel free to PM for nudges
rooted, took me about a week between user and root so hang in there! Happy to give nudges...
After bashing my head on a wall with the Travel box, this was a really nice one to work on. Foothold to Root after a working on it for few hours. Fun box!
OSCP | OSWP | so much more to learn ...
OK... I literally wasted all day on the foothold for this box, even after I read the first few pages of this thread for hints... all the tips about "do more enumerating" did not help one bit. Even the pointers about the file location being written on the site somewhere didn't help....
In the end, it was my browser that screwed me.... so my nudge is... blank pages aren't necessarily empty.
head-desk
Could anyone tell me how can I read the xml file to get credentials
@unmesh836 said:
Use a web browser and look at what it has sent you.
Note: https://www.nohello.com/
Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.
Currently have very limited HTB time but will try to respond as quickly as possible.
rooted! If anyone need help just DM
También en español ;-)
Type your comment> @TazWake said:
Maybe look what it's sent in Burp? I think some people have issues with looking in browser?
Foothold: If you found initial vuln, take a look at something on the other port and enumerate. In kali you can find out the content of packet to fuzz with
apt-file. If you found creds, google what founded roles give you,curl\httpie\******-managercan help you to exploit in this situation.User: take a look at some interesting file, you can bruteforce them. If it didn't help you, think about how people are lazy.
Root: it is not necessary to use automatic scripts. Just enumerate manually. There is only one sploit for this missconfiguration in searchsploit
Don't overthing, try to find out more what your user can do on machine.
I found the T*****-*****.x** with creds and could log into /H***-M****** and stuck there. People all say read and dont skip over little details. I have read pretty thoroughly with no luck at this point. Nudges would be great. (Also have tried Curl instead of using browser to try and be creative, but unsure on how that could even help me any further)
Type your comment> @JitB said:
This file contain roles besides login and password. Google what rights that roles give you
Type your comment> @blacViking said:
I think you should delete some symbols, it probably has been written on windows. Use
dos2unixnext time before transfering and executing.Type your comment> @BugsBunny said:
Look at page source code
@BugsBunny said:
It is certainly more "In your face" if you use burp, but it's only a single click away in a browser and if people aren't checking things like that, they really should.
Note: https://www.nohello.com/
Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.
Currently have very limited HTB time but will try to respond as quickly as possible.
@NordeN said:
@TazWake said:
Ahhh, thanks guys, didn't realise I could see in page source as well,
the more you know....
Got foothold. Not sure how to move laterally, though...