Official Luanne Discussion

2456

Comments

  • Finally Rooted! But honestly again after Laboratory this was marked easy but wasn't just like the one before! Lot of new things to learn and its easy for only those who have seen exactly this stuff before.
    But overall its a nice well made box for sure! thanks @polarbearer !

  • Spoiler Removed

  • edited November 2020

    Type your comment> @Eren said:

    Somebody can give a hint? I am stuck at json cities part.

    I believe they've misspelled one of the cities, did you check that direction ?

    edit: the "misspelled" i wrote is not imply on an actual misspelling.

    aimforthehead

  • Type your comment> @exord26 said:

    one more time its not a easy machine !

    I totally agree, it looks really like CTF based, do not like such stuff.
    Rooted already, but not so fun as it was with another BOXes.

  • got shell for _* user,
    currently moving to get r.* user

    aimforthehead

  • Wouldn't have done it without a nudge....

    Cool box, but the ratings lately are completely meaningless. Any newjoiner with basic knowledge would be put off by the last two easy boxes which weren't easy at all; and last week's HARD only has 20 roots after more than a week which prob put it in the same basket as most INSANE machines.

    lebutter
    eCPPT | OSCP

  • I dont think im doing the correct command for root. Im using net*** to de***** the file in ba***** but its giving me random characters that are not on a keyboard. Can someone PM me a nudge?

    Hack The Box

  • Just rooted the machine.

    # whoami && hostname
    root
    luanne.htb
    

    I enjoyed the box! A nice break from the Insane and Hard box I recently completed. I would say this is a little harder than easy, but not too difficult. I haven't read through the discussion yet to see what hints have already been given so I'll refrain until I have.

    In the meantime, feel free to DM me if you need a nudge. :smile:

    zalpha
    OSCP | CISSP | CSSLP

    Respect always welcome if I can help you: https://www.hackthebox.eu/home/users/profile/140630

  • any nudge to root?

  • Type your comment> @DancinHype said:

    I dont think im doing the correct command for root. Im using net*** to de***** the file in ba***** but its giving me random characters that are not on a keyboard. Can someone PM me a nudge?

    @DancinHype said:
    I dont think im doing the correct command for root. Im using net*** to de***** the file in ba***** but its giving me random characters that are not on a keyboard. Can someone PM me

    you should try something else somewhere

  • Type your comment> @hb86125295 said:

    Type your comment> @DancinHype said:

    I dont think im doing the correct command for root. Im using net*** to de***** the file in ba***** but its giving me random characters that are not on a keyboard. Can someone PM me a nudge?

    @DancinHype said:
    I dont think im doing the correct command for root. Im using net*** to de***** the file in ba***** but its giving me random characters that are not on a keyboard. Can someone PM me

    you should try something else somewhere

    Yeah I figured it out and rooted im just a little slow on figuring out where I can C***** files :)

    Hack The Box

  • Was confused in the begining, thanks @Goggstar and @atomman for the help!

    whoami && id

    root
    uid=0(root)

  • I think I am a good hacker for a 15-year-old :) I like 'hack the box'.

    Hack The Box

  • edited November 2020

    Root obtained - thanks to @DancinHype for the pointer on priv esc.

    Overall, not an easy box to be honest. Requires some oddly specific steps which didn't feel very discoverable compared to other easy boxes. Definitely a Medium at least.

  • Type your comment> @tyrantwave said:

    Root obtained - thanks to @DancinHype for the pointer on priv esc.

    Overall, not an easy box to be honest. Requires some oddly specific steps which didn't feel very discoverable compared to other easy boxes. Definitely a Medium at least.

    Dont worry others recently have been saying that the difficulty seemed off. And my post right above this lol.

    Hack The Box

  • edited November 2020

    Got a shell, but am now drawing a blank, since none of the scripts returned anything useful. Got a few passwords, but they don't work for the desired user.
    Should I hunt for more creds (though I can't imagine where to find more), or am I on the wrong track?
    Never had to deal with such systems (AFAIK), so no idea where to continue hunting.


    Hack The Box
    GREM | OSCE | GASF | eJPT

  • edited November 2020

    Type your comment> @HomeSen said:

    Got a shell, but am now drawing a blank, since none of the scripts returned anything useful. Got a few passwords, but they don't work for the desired user.
    Should I hunt for more creds (though I can't imagine where to find more), or am I on the wrong track?
    Never had to deal with such systems (AFAIK), so no idea where to continue hunting.

    yup, same exact situation, BUT, as our fellow @TazWake always says - try and used the loot in other services.

    I'm currently trying to understand the usage of libex** with that 3*** port.

    aimforthehead

  • edited November 2020

    The weather isn't getting me anywhere. r.**** seems promising but no credentials found yet. Got into the "other" website and found some info. But I am stuck at the moment. Am I going in the right direction? First time trying an active box and it is challenging.

  • Funny thing about the weather - we always like to complain about it, especially when what we expect is wrong.

    Servers, like us Brits, are alike in this.

  • Got root! It was very interesting experience, especially with privilege escalation, it seems pretty straightforward now, but you have to use some os specific commands

  • edited November 2020

    A bit CTFy. My 2cents:
    Foothold: play around with that parameter
    User: enum and pay attention to how the app is run, but it still won't make much sense at the end
    Root: a bit of further enum and a couple of OS-specific tools and you're done

    Also, I see there is yet another discussion about the difficulty. It's always going to be subjective. I stopped paying attention to that a while ago.

  • edited December 2020

    rooted, nice box.
    was stuck for a few hours because of '~'.
    thanks @polarbearer
    and thanks @trab3nd0 for his help also.

    aimforthehead

  • stuck on foothold, hmmm. I love these cryptic ones with not much info to go on :)

    Arrexel

  • Nice to see a little variety in the OS types on htb.
    hints:
    Foothold: parameter needs some closure to move on
    User: do some local authorized browsing
    Root: more common tools you might be used to won't work - find the safer and simpler os specific tools and you're done

  • Easy box? 😡🤬

  • stuck on root

  • Anyone able to assist? I think i have found the parameter i need to change but not sure to what.

  • Type your comment> @wooly13 said:

    Anyone able to assist? I think i have found the parameter i need to change but not sure to what.

    PM me.

    aimforthehead

  • Didn't like this machine... User was a little tricky and not an easy one but root was easy just stay home you will find something, simply ! Pm for nudge

    Why 50 53R10U5

  • Rooted. Wouldn't mind having a chat with someone who got user without any hint / without reading the forum here.

    There's a specific detail that I really only got by a random guess based on what someone said here. I'd like to know how I should have figured it out the "proper" way so I can learn something.

    Hack The Box

Sign In to comment.