Official Jewel Discussion

24567

Comments

  • Type your comment> @pizzapower said:

    So I'm about 91.6% sure about the path to a foothold, I just am having a hard time installing tooling. For those struggling, think of the name of the box and what app is running something like the name, and what we commonly look for to exploit apps.

    I figured that part out but I am having trouble putting it against the machine ip

    Hack The Box

  • Type your comment> @DancinHype said:

    Type your comment> @pizzapower said:

    So I'm about 91.6% sure about the path to a foothold, I just am having a hard time installing tooling. For those struggling, think of the name of the box and what app is running something like the name, and what we commonly look for to exploit apps.

    I figured that part out but I am having trouble putting it against the machine ip

    If we're talking about the same thing, I think we have to modify the payload and the encoding seems finicky to me, but I generally don't know what I'm going. lol

    Hack The Box

  • edited October 2020

    'Error "Operation not permitted" while writing config' What does it mean? I'm on the way to root and it keeps gives me this error when trying to log with t**p. Someone could help me?

  • Type your comment> @totem4 said:

    'Error "Operation not permitted" while writing config' What does it mean? I'm on the way to root and it keeps gives me this error when trying to log with t**p. Someone could help me?

    PM me what youre trying to do

    Hack The Box

  • Can someone PM me a hint on what code im suppose to change for the ***** to execute R*** ** *****

    Hack The Box

  • Rooted.
    Thanks to "polarbearer" for this very nice box.
    PM for nudges

    Hack The Box

  • Type your comment> @totem4 said:

    'Error "Operation not permitted" while writing config' What does it mean? I'm on the way to root and it keeps gives me this error when trying to log with t**p. Someone could help me?

    I'm currently stuck here as well :/

    zweeden

  • I need help. I got my U****** to change to the b*** but what do I do with it>?

    Hack The Box

  • edited October 2020

    For those stuck at the priv esc with the error, think about what you're using. Its hard to communicate when you're out of sync with each other.

  • Type your comment> @gointhrushell said:

    For those stuck at the priv esc with the error, think about what type of authentication you're using. Its hard to communicate when you're out of sync with each other.

    check your PM

    Hack The Box

  • edited October 2020

    Yay! Now I get to completely rebuild my OS. God I really love this box

    Edit: In retrospect it was kinda my fault. Gonna have to add ruby right underneath cryptographic attacks on the list of things I dont understand :lol:

    LMAY75
    Always happy to help, DM me if you need anything!
    Link to Profile

  • Very cool Box !
    Initial foothold was a bit more tough . User to root was kind of smooth and straightforward when you find it .

  • Type your comment> @gointhrushell said:

    For those stuck at the priv esc with the error, think about what you're using. Its hard to communicate when you're out of sync with each other.

    I've already rooted but the arena kicked me off as soon as I turned in the root hash. I wasn't done and now I'm on VIP with this same error... ?

  • Type your comment> @PrivacyMonk3y said:

    Type your comment> @gointhrushell said:

    For those stuck at the priv esc with the error, think about what you're using. Its hard to communicate when you're out of sync with each other.

    I've already rooted but the arena kicked me off as soon as I turned in the root hash. I wasn't done and now I'm on VIP with this same error... ?

    I'm getting the same error, i guess it has something with the time sync but still it's weird

  • Good Machine, going into this machine I did not know what to expect because I never messed with **** or *** before. I have learned a lot from just this one machine so Congrats. Nice little secret code that I didnt know was possible with this language, so that would be useful for the future if I run into it again.

    Hack The Box

  • Type your comment> @Selcius said:

    Type your comment> @PrivacyMonk3y said:

    Type your comment> @gointhrushell said:

    For those stuck at the priv esc with the error, think about what you're using. Its hard to communicate when you're out of sync with each other.

    I've already rooted but the arena kicked me off as soon as I turned in the root hash. I wasn't done and now I'm on VIP with this same error... ?

    I'm getting the same error, i guess it has something with the time sync but still it's weird

    Fixed it, well i was right it had a problem with time sync between the machine and my own machine.

  • Hmm, can't seem to establish a reverse-shell connection, might be payload encoding (although it seems fine) - anybody have any tips?

  • @polarbearer thx for that awesome machine, learnt a lot of interesting stuff!
    Hints:
    Foothold - read all the stuff you can and think how to check if its safe?
    Root - a bit of enumeration and doublecheck if you are 'synced'.

    nopej0hnson

    PM for nudges, will be glad to help you.

  • OS rebuilt, can finally go build this payload now

    LMAY75
    Always happy to help, DM me if you need anything!
    Link to Profile

  • After sending the payload I see the code on the top of the title bar, but nothing happens, no shell returned. Has this happened to any of you? Thanks.

  • Type your comment> @sparkla said:
    > @pizzapower wearing all black?

    Yes. I'm at my own funeral, lol. Still can't get my payload to work, and I've been too busy this weekend to work on it much

    Hack The Box

  • So I'm getting the 500 error but none of my payloads are working, tried a bash one-liner and nc rev shell

    Anyone else having the same issue?

    LMAY75
    Always happy to help, DM me if you need anything!
    Link to Profile

  • Type your comment> @zerologon said:

    After sending the payload I see the code on the top of the title bar, but nothing happens, no shell returned. Has this happened to any of you? Thanks.

    Go to a place and try to load it

    Hack The Box

  • i'm stuck with getting R**. pm me anyone please

  • i created payload and pasted it but when i send that i doesnt get shell in nc

  • Completely lost on this one. I get it from the hints that there's an obvious vulnerability somewhere, i come up with only one candidate and there's a very quick check that shows it's not vulnerable to it.

    lebutter
    eCPPT | OSCP

  • I give up. The bugs have made this box unsolvable.

    LMAY75
    Always happy to help, DM me if you need anything!
    Link to Profile

  • Rooted! Feel free to DM for tips or hints. Actually a fun box in hindsight.

    zweeden

  • Finally rooted, great box. For foothold, look at the name for ideas - what you need is rather recent. If your payload doesn't work, play around with other potential payloads. For root, just ensure running the command "date" on your local machine, and on the box match.

  • Rooted. Box was all buggy yesterday, today was a bit better. Root was straightforward, user was a lot more difficult. PM me for nudges, happy to help!

Sign In to comment.