Hint for Sunday

@onlyamedic said:
Not sure if someone is messing with the box, but I’ve run hydra + rockyou + some other pw wordlists on the 2nd to last high port with a list of potential usernames (including the users with sa*** & su**** + a bunch of “default” accounts). Can’t auth to anything. Am I missing something?

Stuck at the same point

Ok, I got it, now I’m trying to access user.txt

This box is terrible in every way. I have everything I need and know the way to root, I just can’t do it because I need a powerful machine to crack that hash!

Really not worth the time for 20 points.

I recommend resetting the machine before you attempt to access the user accounts. People kept changing the password when I was doing it & caused me to second guess myself for a long time.

@ZaYoOoD said:
This box is terrible in every way. I have everything I need and know the way to root, I just can’t do it because I need a powerful machine to crack that hash!

Really not worth the time for 20 points.

Possibly not using the correct tool and word list. I am able to crack the hash in some time with 4 GB of VM.

@ZaYoOoD said:
This box is terrible in every way. I have everything I need and know the way to root, I just can’t do it because I need a powerful machine to crack that hash!

Really not worth the time for 20 points.

I think you need to look at the tools you’re using, or how you use the tools; maybe provide different wordlists? I cracked the hashes in 32.2 seconds on a VM.

Can someone DM me on user.txt?

@UN1X00 said:

I think you need to look at the tools you’re using, or how you use the tools; maybe provide different wordlists? I cracked the hashes in 32.2 seconds on a VM.

I tried using John, it returned the pass I knew, and the other one it didn’t.
I tried using hashcat, but I keep getting segmentation errors, even though I tried on 3 different machines.

Can you help me a bit with the 2nd user? I already have the password for su*** but can’t find it for sa***. I’m trying with hydra with a lot of wordlists but it ain’t working…

@ZaYoOoD said:

I tried using John, it returned the pass I knew, and the other one it didn’t.
I tried using hashcat, but I keep getting segmentation errors, even though I tried on 3 different machines.

I ended up creating a new Windows VM, installing hashcat on it, and then I was able to crack the hash, on which I’ve been stuck for a week :confused:

After that I got root in no time…
I think there’re at least 3-4 ways to get root on this machine once you have the other user.

@ZaYoOoD said:

I ended up creating a new Windows VM, installing hashcat on it, and then I was able to crack the hash, on which I’ve been stuck for a week :confused:

After that I got root in no time…
I think there’re at least 3-4 ways to get root on this machine once you have the other user.

Thanks, but it ain’t helped :smiley:

@davad said:

Thanks, but it ain’t helped :smiley:

You’re on the right track…
Like I said, if it doesn’t work on your machine just try another to crack it…
But don’t use Hydra… use another…

If anyone needs a hint, PM me.

Is Hashcat the right tool? I am worried I am using the wrong hash number for cracking.

@J3rryBl4nks said:
Is Hashcat the right tool? I am worried I am using the wrong hash number for cracking.

Any hash cracker should work really, as long as it supports the hash type. Do some research on what kind of hashes are stored in the file you found and then do hashcat --help | grep -i "<your-hash-type>" to find the correlating number for hashcat.

If this still doesn’t give you any result, try another wordlist or even reset the box and pull the file contents before someone can ■■■■ them up.
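Working out "what kind of hashes are stored in the file" comes down to reading the modular crypt prefix of each password field. The Python below is an added example, not code from any poster in this thread: it classifies the scheme of each entry in a shadow-format file, as an administrator auditing their own hosts would, and flags weak ones. The sample entries, the scheme labels and the "weak" threshold are constructed assumptions.

```python
import re

# Modular crypt format ids (crypt(5)) -> (label, weak-by-design). Labels are descriptive.
SCHEMES = {
    "1": ("md5crypt", True),
    "2a": ("bcrypt", False), "2b": ("bcrypt", False), "2y": ("bcrypt", False),
    "5": ("sha256crypt", False),
    "6": ("sha512crypt", False),
    "y": ("yescrypt", False),
}
LOCKED = {"*", "!", "!!", "NP", "*LK*", "x"}   # no usable password hash
DEFAULT_ROUNDS = 5000   # sha256crypt/sha512crypt default when rounds= is absent

def classify(field):
    """Return (scheme, rounds, weak) for one shadow password field."""
    if field == "":
        return ("empty", None, True)            # account needs no password
    if field in LOCKED:
        return ("locked", None, False)
    m = re.match(r"^\$([0-9a-z]+)\$(?:rounds=(\d+)\$)?", field)
    if not m:
        if re.fullmatch(r"[./0-9A-Za-z]{13}", field):
            return ("descrypt", None, True)     # traditional 13-char DES crypt
        return ("unknown", None, True)
    name, weak = SCHEMES.get(m.group(1), ("unknown", True))
    rounds = None
    if name in ("sha256crypt", "sha512crypt"):
        rounds = int(m.group(2)) if m.group(2) else DEFAULT_ROUNDS
        weak = rounds < DEFAULT_ROUNDS          # assumed threshold: below default
    return (name, rounds, weak)

def audit(shadow_text):
    """Map each username in shadow-format text to its classification."""
    findings = {}
    for line in shadow_text.splitlines():
        parts = line.split(":")
        if line.startswith("#") or len(parts) < 2:
            continue
        findings[parts[0]] = classify(parts[1])
    return findings

# Constructed sample; salts and hashes are placeholders, not real values.
SAMPLE = """\
root:$6$rounds=1000$CONSTRUCTEDSALT$CONSTRUCTEDHASH:17000::::::
alice:$5$CONSTRUCTEDSALT$CONSTRUCTEDHASH:17000::::::
bob:$1$CONSTRUCTEDSALT$CONSTRUCTEDHASH:17000::::::
daemon:NP:6445::::::
svc::17000::::::
"""

if __name__ == "__main__":
    for user, (scheme, rounds, weak) in audit(SAMPLE).items():
        print(f"{user:8} {scheme:12} rounds={rounds} weak={weak}")
```

A scheme that is not flagged here still falls quickly when the password itself appears in a common wordlist, which is what the timings reported in this thread reflect.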

I had to run it on my host machine. My Kali VM was way too slow to crack the hash. Thank you.

Bit stuck at the moment, managed to log on to the machine and found the user.txt, but not 100% sure on how to access it with the ‘2nd account’.

Can anyone throw me a subtle hint?

EDIT: Sigh, I’m an idiot.

Ok… So I’ve got the root flag but I’m not 100% sure if what I did was the correct way. Is there someone I can PM to double check? lol

Can you stop fucking up the system? etc passwd is empty and I’m trying to solve the challenge. I’m believing whoever said here no exploits needed and taking my time to look around…

<3

Guys, if you’re struggling to crack the hash, your syntax for the tools is wrong. You can crack this hash in 30-90 seconds with the correct syntax. You need to give the tools what they need.

  1. The format of the hash.
  2. The wordlists.

If you’ve used John. You can’t just run John as standard good old John some more info to go on