Cache

Type your comment> @TazWake said:

@gotw said:

(Quote)
You are 100% correct and it was entirely my mistake. I’d confused two boxes. Sorry for the confusion.

Custom wordlists are a really good idea.

But for host discovery why we need fuzzing.

@GHOSTontheWire said:

@TazWake
No problem.
I am always confused which wordlist i should use…
So i merge directory-list-2.3-medium.txt, common.txt, big.txt

Trial and error. One frustration with HTB is the fact that you often have to try dozens and never know if you’ve got something wrong or just used the wrong wordlist.

@GHOSTontheWire said:

But for host discovery why we need fuzzing.

With CTFs there are some technical differences than in the real world - for example, DNS queries dont have the same results and you cant lookup an IP to do a reverse DNS and find all the servers it hosts. This means you need to do some slightly artificial fuzzing to find out how servers respond to various requests.

@TazWake
Yes here we work on particular ip so hostname lookup is not possible.
But on WORLD WIDE WEB it is possible.

Hi there! Got root on this machine but it is giving me wrong flag… someone know why?

@srsamuka said:
Hi there! Got root on this machine but it is giving me wrong flag… someone know why?

Nevermind, I was puuting the right flag on the wrong machine… xD

Rooted. A very enjoyable machine, had a lot of fun with it.

Lessons learned:

  • Enumerating is not always faster/better than paying attention
  • Take notes. Read your notes!
  • Be patient: if five exploits fail, maybe the sixth works :smiley:

Rooted. User part was very interesting. Dm if you need a nudge.

I’m a bit stuck on this. I found the “other” bit but through hints on here rather than through enumeration. I’m then trying to exploit that side and am a bit stuck. If someone could drop me a message if they’re willing to help that’d be great and I’m happy to let you know where I’m up to so you don’t drop any spoilers on me. Thanks in advance!

Rooted, I also got root + user kind of together.
Feel free to DM for nudges

Rooted. Foothold was very new for me, but the user and the root went very fast.
DM me for nudges :slight_smile:

rooted!!! . my first medium box, thanks @ASHacker . all the tips have already been explained.

Rooted !!. @ASHacker by the way I found two way to by ROOT but one of this doesn´t have the flag … let me know if this is true or I found other way LOL !!! I had a lot of fun !!! My first CTF. I can not way for more. THANKS

Is it just me or is this a little too guess-y for the foothold

@LMAY75 said:

Is it just me or is this a little too guess-y for the foothold

It depends how you did it. For me it was enumeration, find thing, find public exploit for thing, exploit thing, have access, use functionality from access, have shell.

Then it was use creds I’d found during enumeration.

Not sure there was any step there where I had to guess something. I used a custom wordlist at one stage but that isn’t that unusual.

Yay root obtained.

Finding H** tripped me up, as did finding the exploit for it a bit after - but after that, it all seemed quite interesting.

Getting root was actually the easiest part IMO.

Spoiler Removed

# id
uid=0(root) gid=0(root) groups=0(root)

Not sure how I felt about this box tbh. DM me if you need any help

what’s going on with the box ?
I can connect to cache.htb but can’t access the page after login , and I can’t connect to h**.htb, nmap returns closed ports , when the http port is open , can’t use owasp , all my fuzzing tools don’t work … that is giving me headaches

@HamilcarR said:

what’s going on with the box ?
I can connect to cache.htb but can’t access the page after login

I am not sure what this relates to so I cant help here.

, and I can’t connect to h**.htb, nmap returns closed ports ,

There might be a problem with your connection or how you have this up in your hosts. As far as nmap is concerned it should return the same ports as anything else. The hostname only really matters during a HTTP request.

when the http port is open , can’t use owasp , all my fuzzing tools don’t work … that is giving me headaches

dirb should work.