@J3rryBl4nks said:
I am on the box with what I believe to be a TTY shell. I keep getting errors trying to interact with the local file I SHOULD be able to sudo without a password. Any nudges?
In order to sudo you have to take advantage of the permissions given to the file. I would google for exploiting sudo via file permissions and read up on it. That’s how I was able to get it
I finally got it. This is a great hint bordering on spoiler. Even knowing this though is not the solution. I had to still do a good bit of trial and error and finally realized what was happening. This is an easy box in hindsight but overlooking very tiny details made it difficult to solve for me.
Yeah! even after reading you still have to make sure you have the right information and make sense out of what is happening. Awesome job!
@LetMeO said:
Guys, plz give me a right vector. I’m trying to exploit this thing with xss and create post to gain acces to admin panel. Am i on a right way?
So, any hints? Or i should just figure out what the password and login is.
@J3rryBl4nks said:
I am on the box with what I believe to be a TTY shell. I keep getting errors trying to interact with the local file I SHOULD be able to sudo without a password. Any nudges?
In order to sudo you have to take advantage of the permissions given to the file. I would google for exploiting sudo via file permissions and read up on it. That’s how I was able to get it
@J3rryBl4nks said:
I am on the box with what I believe to be a TTY shell. I keep getting errors trying to interact with the local file I SHOULD be able to sudo without a password. Any nudges?
In order to sudo you have to take advantage of the permissions given to the file. I would google for exploiting sudo via file permissions and read up on it. That’s how I was able to get it
For whatever reasons I can’t get root. I know I have to use the xxxx.sh file but every time when I try to use it, it says that I need a tty shell. Well I tried that but this also doesn’t work for me either. When i try to get a better shell it either says “no job control running” or doesn’t do anything at all. Can somebody help me via PM?
If this is a spoiler I will delete it of course.
@J3rryBl4nks said:
I am on the box with what I believe to be a TTY shell. I keep getting errors trying to interact with the local file I SHOULD be able to sudo without a password. Any nudges?
In order to sudo you have to take advantage of the permissions given to the file. I would google for exploiting sudo via file permissions and read up on it. That’s how I was able to get it
This is really on the border of spoiler.
There I reported it as a spoiler myself.
I think it is good to keep it there.
I am new to HTB/pentest hence I am easily overthinking the method. It is a good comment to inspire me to review my process and learn how to get it done.
I will also say that it helps to really understand what you see in the enumeration. I looked at it multiple times and knew what I had to do but could not see the clear solution until stepping back and rethinking basic stuff. The trick for me was not to overthink it. Also, simple syntax errors cost me a couple of extra hours.
@w4r10ck2 said:
For whatever reasons I can’t get root. I know I have to use the xxxx.sh file but every time when I try to use it, it says that I need a tty shell. Well I tried that but this also doesn’t work for me either. When i try to get a better shell it either says “no job control running” or doesn’t do anything at all. Can somebody help me via PM?
If this is a spoiler I will delete it of course.
In order to interact and get root you need a TTY shell. Pretty simple to accomplish once you understand how to get out of a jailed cell. Google is your friend. If you’re using metasploit understanding how to use it to establish TTY will help greatly.
I have been looking for the default credential for almost a day. Used CeWL and tried all the password listed, tried all the basic passwords a lazy admin can use and still nothing.
I’ll be honest and admit I feel very very bad about not guessing this password. As it is not the most interesting part of this challenge, can someone hit me in private to assure me I have the right username (found on a file, so I guess yes), and the passwords I tried are not these one?
Anyone able to DM a hint for the tty issue? Tried most standard ways to break. Shell is through meterpreter with known exploit for the web service and I know what I need to run (at least I think so).
lol a linux admin with over 8 years in the industry here trying to get into infosec. Embarrassing that I can’t figure out a default password. Can somebody help?
I’m really struggling with getting root… It’s a bit discouraging I’ve been reading up on multiple articles involving methods to “abuse” the file in question but I just can’t seem to do it. Could someone perhaps shoot me a PM and help me out a little bit?