Magic


Comments

  • edited June 10

    So I acquired the m**** creds and I know I have to interact with it somehow. I have been throwing commands + q*****s in the URL to no avail, tried remoting in as well through terminal, still no luck. I'm pretty stuck as to how to interact with it at this point... could use a nudge... please PM

    Ahhhh ..ok thank you @TazWake for the nudge.....to the next move...

  • Any advice on getting a shell? Got RCE but haven't been able to establish a shell. Tried a php one liner, python, /bin/sh etc. Listed the whole file system & saw an interesting .p**5 doc but is empty when accessing via url.

  • @3xxu5 said:

    Any advice on getting a shell? Got RCE but haven't been able to establish a shell.

    It depends how you've got your RCE but it's worth trying different versions of the things you've tried.

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • Stuck on root. Any help would be appreciated please!

  • Finally rooted! Big thanks to @lewd for his help!

  • edited June 11

    Got root! It was a very funny box.
    Foothold: OWASP enumeration.
    User: Understand how it works.
    Root: At first I was at a loss and spent a lot of time to understand how it works, but then I found the true path.
    PM me for hints

  • Finally Rooted. I thought this was a good box and definitely taught me some new skills. I consider myself a beginner, so I'll just say to take each part (initial foothold, user, and root) individually. I found that iterating through the comments for each part really helped piece things together. PM if you need a hint.

    Also, thank you @TRX for a great box!

    Harbard

  • Rooted.

  • @trevorphillips said:

    I was able to read the root flag with cat in my impostor file, but trying to set up /bin/bash would result in a root shell echoing back my commands to me:

    [email protected]:/root# whoami
    whoami

    Anyone could explain?

    @trevorphillips
    I had this same thing occur. I think this has to do with losing stdout somehow.
    At one point, after moving directories it seemed like I regained stdout, but I couldn't reproduce it.
    I found that redirecting stdout to stderr via 1>&2 at the end of my command worked. I don't know why exactly.

    i.e. whoami 1>&2
    would also give me output. Give it a try.

    Got this thing rooted.
    Special thanks to @ssMiles and @Nicolasmira101 for helping nudge me along.


  • Hi guys, I rooted this box, but still need help. I have found something interesting in the login form with wfuzz but still can't do the same with ****ap. Can anybody help me with its options?

  • Rooted the box 2 days ago, thanks @Harbard for the nudges for root. Cool box, learned some new stuff. PM me for nudges.

  • Rooted, it was a nice box and I learnt some new stuff on the way to root, which is something good :smile:

    some hints.. (though I think everything has already been hinted, but anyway)

    for Foothold
    enum and then it's pretty straightforward, an old way i have been without using effectively for a long time and it's the first thing you usually try (surprised it worked tho hehe)

    for user
    It was a good reminder that there are things you can do/see even if you cannot directly access what you want. The devil is in the details.

    for root
    Lead it where you want it to go and benefit from it

    Hope that helps someone without spoiling the fun

    thanks @TRX for the box ;)


  • Could anyone drop me a nudge for root?
    I have been monitoring processes but it's just showing the zoneinfo thing.
    I have also tried to exploit the suid bin s*****o.

  • @3xxu5 said:

    Any advice on getting a shell? Got RCE but haven't been able to establish a shell. Tried a php one liner, python, /bin/sh etc. Listed the whole file system & saw an interesting .p**5 doc but is empty when accessing via url.

    try going full on pure php, and for running the commands with the rce i would recommend using burp, easier to track the commands and if something drops you have the repeater to get it back fast

    Trigonus

  • love the fact my badge keeps my last photo

    Trigonus

  • How do I get a reverse connect? When I use a python3 script, I'm always connected with localhost.

  • got root. Learned quite a bunch about s**d in this. I do have a question tho; the shell I got was not outputting anything whatsoever. I'm trying to understand why. My C is pretty limited and I was basically calling system to get my shell.

  • Got root. Easy box, but user part gives some new tools in my baggage.

  • got root! first box that I didn't use any nudges!
    super fun box, I've been wanting to use that foothold exploit for a while.
    PM for nudges

  • edited June 29

    I got a root shell, but when I type a command, such as ls, there is no output?? Anyone else had this or did I miss something

    edit:

    just sent myself the bash shell to my local and got it

    good box, thanks!

  • after some time i finally got root. I have to say that reading this thread helped me a lot for root!

  • Rooted. Another fun box! PM if you need a nudge.


  • I understand how to root the box, but for some reason it doesn't seem to want to play nice. Got user, understand the root vulnerability, but for some reason when I run insert something I would run nothing pops up on inserts elsewhere something would pop up on. Any advice? This is probably my weakest subject in terms of exploits/vulnerabilities so I need to read up a little more. Maybe you can PM me to compare commands to make sure I have a grasp on things, or if someone is just messing the box up. Thanks!

  • rooted the machine. definitely learnt something new this time. thanks for the box @TRX ! feel free to dm me if you get stuck

  • @zgordon96 said:

    I understand how to root the box, but for some reason it doesn't seem to want to play nice. Got user, understand the root vulnerability, but for some reason when I run insert something I would run nothing pops up on inserts elsewhere something would pop up on. Any advice? This is probably my weakest subject in terms of exploits/vulnerabilities so I need to read up a little more. Maybe you can PM me to compare commands to make sure I have a grasp on things, or if someone is just messing the box up. Thanks!

    Happy to help if you are still stuck.

    TazWake


  • @Dark0 said:

    rooted. Box easily but very fun. If you need a hint can ask me

    Hey can you please give me a nudge on Root...
    I used a popular Enumeration tool but I couldn't just get it.
    can I PM u?

  • Ah. finally got time to finish this off.

    Learnt a lot from this. Thanks a lot to the creators.

    PM me if you need a nudge.

  • Rooted. Great box! Thank you @lewd for the nudge on the root.
    This is my first time posting here. Please correct me if something is not allowed.
    User: If you get stuck after uploading the file, check how images are stored using a sample image.
    Root: Finding "root" was a bit difficult (at least for me), but easy to exploit.
    Any hint for root here might be a spoiler. So, PM if anyone needs a nudge.

  • Please for the love of everything, stop resetting.


  • anyone else get 404 99% of the time they try to execute RCE?
