Finally Rooted! But honestly again after Laboratory this was marked easy but wasn't just like the one before! Lot of new things to learn and its easy for only those who have seen exactly this stuff before.
But overall its a nice well made box for sure! thanks @polarbearer !
Cool box, but the ratings lately are completely meaningless. Any newjoiner with basic knowledge would be put off by the last two easy boxes which weren't easy at all; and last week's HARD only has 20 roots after more than a week which prob put it in the same basket as most INSANE machines.
I dont think im doing the correct command for root. Im using net*** to de***** the file in ba***** but its giving me random characters that are not on a keyboard. Can someone PM me a nudge?
I enjoyed the box! A nice break from the Insane and Hard box I recently completed. I would say this is a little harder than easy, but not too difficult. I haven't read through the discussion yet to see what hints have already been given so I'll refrain until I have.
In the meantime, feel free to DM me if you need a nudge.
I dont think im doing the correct command for root. Im using net*** to de***** the file in ba***** but its giving me random characters that are not on a keyboard. Can someone PM me a nudge?
@DancinHype said:
I dont think im doing the correct command for root. Im using net*** to de***** the file in ba***** but its giving me random characters that are not on a keyboard. Can someone PM me
I dont think im doing the correct command for root. Im using net*** to de***** the file in ba***** but its giving me random characters that are not on a keyboard. Can someone PM me a nudge?
@DancinHype said:
I dont think im doing the correct command for root. Im using net*** to de***** the file in ba***** but its giving me random characters that are not on a keyboard. Can someone PM me
you should try something else somewhere
Yeah I figured it out and rooted im just a little slow on figuring out where I can C***** files
Root obtained - thanks to @DancinHype for the pointer on priv esc.
Overall, not an easy box to be honest. Requires some oddly specific steps which didn't feel very discoverable compared to other easy boxes. Definitely a Medium at least.
Root obtained - thanks to @DancinHype for the pointer on priv esc.
Overall, not an easy box to be honest. Requires some oddly specific steps which didn't feel very discoverable compared to other easy boxes. Definitely a Medium at least.
Dont worry others recently have been saying that the difficulty seemed off. And my post right above this lol.
Got a shell, but am now drawing a blank, since none of the scripts returned anything useful. Got a few passwords, but they don't work for the desired user.
Should I hunt for more creds (though I can't imagine where to find more), or am I on the wrong track?
Never had to deal with such systems (AFAIK), so no idea where to continue hunting.
Got a shell, but am now drawing a blank, since none of the scripts returned anything useful. Got a few passwords, but they don't work for the desired user.
Should I hunt for more creds (though I can't imagine where to find more), or am I on the wrong track?
Never had to deal with such systems (AFAIK), so no idea where to continue hunting.
yup, same exact situation, BUT, as our fellow @TazWake always says - try and used the loot in other services.
I'm currently trying to understand the usage of libex** with that 3*** port.
The weather isn't getting me anywhere. r.**** seems promising but no credentials found yet. Got into the "other" website and found some info. But I am stuck at the moment. Am I going in the right direction? First time trying an active box and it is challenging.
Got root! It was very interesting experience, especially with privilege escalation, it seems pretty straightforward now, but you have to use some os specific commands
A bit CTFy. My 2cents:
Foothold: play around with that parameter
User: enum and pay attention to how the app is run, but it still won't make much sense at the end
Root: a bit of further enum and a couple of OS-specific tools and you're done
Also, I see there is yet another discussion about the difficulty. It's always going to be subjective. I stopped paying attention to that a while ago.
Nice to see a little variety in the OS types on htb.
hints:
Foothold: parameter needs some closure to move on
User: do some local authorized browsing
Root: more common tools you might be used to won't work - find the safer and simpler os specific tools and you're done
Didn't like this machine... User was a little tricky and not an easy one but root was easy just stay home you will find something, simply ! Pm for nudge
Rooted. Wouldn't mind having a chat with someone who got user without any hint / without reading the forum here.
There's a specific detail that I really only got by a random guess based on what someone said here. I'd like to know how I should have figured it out the "proper" way so I can learn something.
Comments
Finally Rooted! But honestly again after Laboratory this was marked easy but wasn't just like the one before! Lot of new things to learn and its easy for only those who have seen exactly this stuff before.
But overall its a nice well made box for sure! thanks @polarbearer !
Spoiler Removed
Type your comment> @Eren said:
I believe they've misspelled one of the cities, did you check that direction ?
edit: the "misspelled" i wrote is not imply on an actual misspelling.
Type your comment> @exord26 said:
I totally agree, it looks really like CTF based, do not like such stuff.
Rooted already, but not so fun as it was with another BOXes.
got shell for _* user,
currently moving to get r.* user
Wouldn't have done it without a nudge....
Cool box, but the ratings lately are completely meaningless. Any newjoiner with basic knowledge would be put off by the last two easy boxes which weren't easy at all; and last week's HARD only has 20 roots after more than a week which prob put it in the same basket as most INSANE machines.
eCPPT | OSCP
I dont think im doing the correct command for root. Im using net*** to de***** the file in ba***** but its giving me random characters that are not on a keyboard. Can someone PM me a nudge?
Just rooted the machine.
I enjoyed the box! A nice break from the Insane and Hard box I recently completed. I would say this is a little harder than easy, but not too difficult. I haven't read through the discussion yet to see what hints have already been given so I'll refrain until I have.
In the meantime, feel free to DM me if you need a nudge.
OSCP | CISSP | CSSLP
Respect always welcome if I can help you: https://www.hackthebox.eu/home/users/profile/140630
any nudge to root?
Type your comment> @DancinHype said:
you should try something else somewhere
Type your comment> @hb86125295 said:
Yeah I figured it out and rooted im just a little slow on figuring out where I can C***** files
Was confused in the begining, thanks @Goggstar and @atomman for the help!
whoami && id
root
uid=0(root)
I think I am a good hacker for a 15-year-old
I like 'hack the box'.
Root obtained - thanks to @DancinHype for the pointer on priv esc.
Overall, not an easy box to be honest. Requires some oddly specific steps which didn't feel very discoverable compared to other easy boxes. Definitely a Medium at least.
Type your comment> @tyrantwave said:
Dont worry others recently have been saying that the difficulty seemed off. And my post right above this lol.
Got a shell, but am now drawing a blank, since none of the scripts returned anything useful. Got a few passwords, but they don't work for the desired user.
Should I hunt for more creds (though I can't imagine where to find more), or am I on the wrong track?
Never had to deal with such systems (AFAIK), so no idea where to continue hunting.
GREM | OSCE | GASF | eJPT
Type your comment> @HomeSen said:
yup, same exact situation, BUT, as our fellow @TazWake always says - try and used the loot in other services.
I'm currently trying to understand the usage of libex** with that 3*** port.
The weather isn't getting me anywhere. r.**** seems promising but no credentials found yet. Got into the "other" website and found some info. But I am stuck at the moment. Am I going in the right direction? First time trying an active box and it is challenging.
Funny thing about the weather - we always like to complain about it, especially when what we expect is wrong.
Servers, like us Brits, are alike in this.
Got root! It was very interesting experience, especially with privilege escalation, it seems pretty straightforward now, but you have to use some os specific commands
A bit CTFy. My 2cents:
Foothold: play around with that parameter
User: enum and pay attention to how the app is run, but it still won't make much sense at the end
Root: a bit of further enum and a couple of OS-specific tools and you're done
Also, I see there is yet another discussion about the difficulty. It's always going to be subjective. I stopped paying attention to that a while ago.
rooted, nice box.
was stuck for a few hours because of '~'.
thanks @polarbearer
and thanks @trab3nd0 for his help also.
stuck on foothold, hmmm. I love these cryptic ones with not much info to go on
Nice to see a little variety in the OS types on htb.
hints:
Foothold: parameter needs some closure to move on
User: do some local authorized browsing
Root: more common tools you might be used to won't work - find the safer and simpler os specific tools and you're done
Easy box? 😡🤬
stuck on root
Anyone able to assist? I think i have found the parameter i need to change but not sure to what.
Type your comment> @wooly13 said:
PM me.
Didn't like this machine... User was a little tricky and not an easy one but root was easy just stay home you will find something, simply ! Pm for nudge
Why 50 53R10U5
Rooted. Wouldn't mind having a chat with someone who got user without any hint / without reading the forum here.
There's a specific detail that I really only got by a random guess based on what someone said here. I'd like to know how I should have figured it out the "proper" way so I can learn something.