Official Doctor Discussion

Could someone DM me a nudge for the initial foothold? I have found the me****ing app and have made an account. I have also found something I think I can exploit, as a particular page is giving back to me what I leave, but I'm not sure where to go from here! Any help would be great!

Just rooted. The foothold was the hardest part of the box.
DM for clues but tell me your progress first.

Just rooted. This is my first machine in HTB. Definitely not easy in my (beginner’s) opinion.
Learned a lot of things.
Good luck to the others :slight_smile:

Rooted!

Foothold is the hardest part by far; past that it is just enum and Google-fu.

Although, reading the forum, there are two ways to get the foothold? Could I PM someone about the second way?

PM if you need hints.

I got that it’s meant to be S**i but no idea where to go from here. I have tried all sorts of characters in almost every box with no visible issues anywhere.

Please PM if you have any hints, I’m likely missing something staring me in the face.

@rtm516 said:

I got that it’s meant to be S**i but no idea where to go from here. I have tried all sorts of characters in almost every box with no visible issues anywhere.

Assuming you have the correct letters for ** in that bit, then it is likely that you haven’t fully enumerated the pages to see what happens when you submit.

User: Look for the contact info.
Root: Check out what you initially found during recon.

Rooted!
I think characterizing this as an easy box is probably right.
DM for help :slight_smile:

@rtm516 said:

I got that it’s meant to be S**i but no idea where to go from here. I have tried all sorts of characters in almost every box with no visible issues anywhere.

Please PM if you have any hints, I’m likely missing something staring me in the face.

I’m the same as you, have you solved it? Can you nudge me a little?

Stuck on S**I for a day, I can’t find anything more. If someone could nudge me, I will be very appreciative.

I’ve been banging my head against this for hours now. I can’t find anything other than the Splunk Forwarders page. Any nudge would be greatly appreciated.

@chaoskreator said:

I’ve been banging my head against this for hours now. I can’t find anything other than the Splunk Forwarders page. Any nudge would be greatly appreciated.

Pay close attention to the other website. It has some vital information hidden in plain sight.

Finally rooted! It was a fun box, definitely humbles you… Once you gain a foothold, enumerate well on all services and check out what high ports might be vulnerable. Then I suggest Google to see where that would store the credentials :wink:

I would appreciate a nudge for finding and exploiting the S**i vulnerability. Been looking for hours and I just don’t see it…

@h0ll0w666 said:

I would appreciate a nudge for finding and exploiting the S**i vulnerability. Been looking for hours and I just don’t see it…

Two things:

  • make sure you know the right pages to look at to trigger anything you’ve injected
  • make sure you have the right two letters in between the S and i.

Got root today. Fun box! Initial foothold was definitely the toughest.

Feel free to DM if you find yourself stuck and need a nudge.

Faced a rabbit hole while trying to get root. Noticed that the python2 binary has the cap_sys_ptrace capability, and I thought it was the way to root, but after several hours I realized that kernel.yama.ptrace_scope is set on Ubuntu and there is no possibility to change it at runtime…

Finally got root, nice box, not as easy as I thought!

Can anyone help with the foothold? I'm on m*******g and know I will need to exploit si but nothing works. I also found the a*e where titles show up but no si.

@karimwassef said:

Can anyone help with the foothold? I'm on m*******g and know I will need to exploit si but nothing works. I also found the a*e where titles show up but no si.

Do you have the right s**i?

Initial foothold was a little difficult, but everything after that was pretty straightforward. Plenty of tips in this thread but PM me if you need a nudge.