Nibbles

@buckyball said:

@witchkingsteve said:

@J3rryBl4nks said:
I am on the box with what I believe to be a TTY shell. I keep getting errors trying to interact with the local file I SHOULD be able to sudo without a password. Any nudges?

In order to sudo you have to take advantage of the permissions given to the file. I would google for exploiting sudo via file permissions and read up on it. That’s how I was able to get it.

I finally got it. This is a great hint bordering on spoiler. Even knowing this though is not the solution. I had to still do a good bit of trial and error and finally realized what was happening. This is an easy box in hindsight but overlooking very tiny details made it difficult to solve for me.

Yeah! Even after reading, you still have to make sure you have the right information and make sense out of what is happening. Awesome job!

@LetMeO said:
Guys, plz give me the right vector. I’m trying to exploit this thing with XSS and create a post to gain access to the admin panel. Am I on the right track?

So, any hints? Or should I just figure out what the password and login are?

My first HTB box and seems tough enough at this moment. If the user login is the world “default” username, what is the “default” HTB?

@darthgucci said:

@J3rryBl4nks said:
I am on the box with what I believe to be a TTY shell. I keep getting errors trying to interact with the local file I SHOULD be able to sudo without a password. Any nudges?

In order to sudo you have to take advantage of the permissions given to the file. I would google for exploiting sudo via file permissions and read up on it. That’s how I was able to get it.

This is really on the border of spoiler.

@4an7o said:

@witchkingsteve said:

@J3rryBl4nks said:
I am on the box with what I believe to be a TTY shell. I keep getting errors trying to interact with the local file I SHOULD be able to sudo without a password. Any nudges?

In order to sudo you have to take advantage of the permissions given to the file. I would google for exploiting sudo via file permissions and read up on it. That’s how I was able to get it.

This is really on the border of spoiler.

There I reported it as a spoiler myself.

For whatever reasons I can’t get root. I know I have to use the xxxx.sh file but every time when I try to use it, it says that I need a tty shell. Well I tried that but this also doesn’t work for me either. When I try to get a better shell it either says “no job control running” or doesn’t do anything at all. Can somebody help me via PM?
If this is a spoiler I will delete it of course.

I have found the username but not the password. I have read all the source code but found nothing. Can anyone give me a hint on how to find it?

You can’t find the password. You have to guess it, but it is pretty obvious. Check the pages, it has been mentioned several times.

@darthgucci said:

@4an7o said:

@darthgucci said:

@J3rryBl4nks said:
I am on the box with what I believe to be a TTY shell. I keep getting errors trying to interact with the local file I SHOULD be able to sudo without a password. Any nudges?

In order to sudo you have to take advantage of the permissions given to the file. I would google for exploiting sudo via file permissions and read up on it. That’s how I was able to get it.

This is really on the border of spoiler.

There I reported it as a spoiler myself.

I think it is good to keep it there.
I am new to HTB/pentest hence I am easily overthinking the method. It is a good comment to inspire me to review my process and learn how to get it done.

I will also say that it helps to really understand what you see in the enumeration. I looked at it multiple times and knew what I had to do but could not see the clear solution until stepping back and rethinking basic stuff. The trick for me was not to overthink it. Also, simple syntax errors cost me a couple of extra hours.

@w4r10ck2 said:
For whatever reasons I can’t get root. I know I have to use the xxxx.sh file but every time when I try to use it, it says that I need a tty shell. Well I tried that but this also doesn’t work for me either. When I try to get a better shell it either says “no job control running” or doesn’t do anything at all. Can somebody help me via PM?
If this is a spoiler I will delete it of course.

In order to interact and get root you need a TTY shell. Pretty simple to accomplish once you understand how to get out of a jailed cell. Google is your friend. If you’re using Metasploit, understanding how to use it to establish TTY will help greatly.

Hello there,

I begin HTB with this machine.

I have been looking for the default credential for almost a day. Used CeWL and tried all the passwords listed, tried all the basic passwords a lazy admin can use and still nothing.
I’ll be honest and admit I feel very, very bad about not guessing this password. As it is not the most interesting part of this challenge, can someone hit me in private to assure me I have the right username (found on a file, so I guess yes), and the passwords I tried are not these ones?

Thanks in advance fellows.

Found it. Thanks dear player who helped me via message.

Anyone able to DM a hint for the tty issue? Tried most standard ways to break. Shell is through meterpreter with known exploit for the web service and I know what I need to run (at least I think so).

Lol, a Linux admin with over 8 years in the industry here trying to get into infosec. Embarrassing that I can’t figure out a default password. Can somebody help?

@npsoni Use CeWL. Don’t think default, think bad practice.

I’m really struggling with getting root… It’s a bit discouraging :anguished: I’ve been reading up on multiple articles involving methods to “abuse” the file in question but I just can’t seem to do it. Could someone perhaps shoot me a PM and help me out a little bit?

If somebody needs some help without expecting spoilers, feel free to DM me.

I’m a muppet. Got root.

Logged in. Enumerated directories, but can’t find user.txt. Any hint?