Did you try finding the user account in hackthebox site (not the forum) ?
If you click on “Member Finder” in the top right corner, just fill in the name and search for user… then, in his profile the first button under his name is: “Give Respect”
Hope it helps respect
Hey everyone
I have written a Python class based on the PoC if anybody is interested. I am not sure if it is OK to share here since it could be a spoiler. I would like to give some hints to my fellow beginners:
I banged my head against a wall with the dubdubdub until I looked for bases with data in them.
I can’t believe that such a simple out-of-bounds error in such a vital part was only discovered one year ago.
I’d be tempted to wait until after the box retires.
Really fun box, user was definitely the hardest for me but root only takes a few minutes if you manage to avoid the rabbit holes.
Lots of good advice here already, but my 2 cents for user is: you don’t need to guess, credentials are right in front of you, but if you want to be like the cool kids and bruteforce this, Google might lead you to a .py script that can help you, but it doesn’t work out of the box. I tried it after with the right credentials and it saw them as incorrect.
Did you try finding the user account in hackthebox site (not the forum) ?
If you click on “Member Finder” in the top right corner, just fill in the name and search for user… then, in his profile the first button under his name is: “Give Respect”
Hope it helps respect
Thank you!! "Respect given"s are complete
I respect you for respecting me
And thank you egotisticalSW for creating this machine… quite fun and challenging… and it helped me understand how to use the ‘cewl’ command to create wordlists with the content of a site
I spent ages trying to “cool” this thing but the py file doesn’t work straight out of the box. Luckily a good hint helped me find what I needed to get user. Just Google what you need to RCE.
Once you get user and you run your enum scripts, root will probably take about 5 minutes. Once you find what you need just “hop along”.
Finally got root, got completely thrown off the simple path to root because of some interesting pictures I found in the user folder. Started looking into an exploit attacking a service on a port… Ah well, learned a ton though
Foothold: enumerate very well, find vulnerable software and information to access it, smart guess creds, exploit
User: enumerate well on the inside. Where are creds typically found?
Root: enumerate yet again, Google what looks strange
Stuck on user. I found three password hashes - two of them had salts and one is missing the salt entry. Is that the way it should be or did someone mess with the machine?
You might be going in the wrong direction. Enumerate what your account can do.
I think my previous question was poorly written. I meant that I am stuck getting user - not that I have user.
So I’d like to repeat the question: should all three hashes have salts?
Ok - sorry, I misunderstood.
I can’t say too much without hitting a massive spoiler, but I would take time to fully enumerate to find one which is different from the others. You might need to use an online station to crack this as I don’t think any of the default wordlists will help you.