Hi guys. I have been stuck at privesc on NIX02 from F to root for a few days now. I have identified that we must be talking about p***** lib**** h******** but I simply cannot make it work (seems like the way the script gets called does not execute the code?). I have watched all Ippsec’s videos about it and googled. Could someone please PM me a hint. Thanks
Hmm… I got the first flag reasonably quickly, but am quite stuck with the second flag. After looking at the interesting information, I know that the target was not very wise. I’m assuming r******.*** is not the right way?
Edit: Finally got second flag… The small nudge from @michael7474 above helped!
Any nudge on NIX02 root? I’ve read the user flag but can’t seem to find anything regarding getting root. All possible paths for the vuln has been enumerated with no luck.
Hola everyone. Hoping to have a sanity check here. I’m on the initial machine. I’ve found the three ports, grabbed the info from the first, and have been trying for some time to brute force the WP login. Being as there doesn’t appear to be any vulnerable plugins or themes, I’m guessing the path is bruteforcing the login page.
Is this correct? And if so, is it doable with rockyou or is something else necessary? I’m 46,000 passwords in to rockyou and nothing yet.
Is this correct? And if so, is it doable with rockyou or is something else necessary? I’m 46,000 passwords in to rockyou and nothing yet.
With a huge caveat that I haven’t looked at any of the problabs, so I could be totally wrong, but in general this would be a sign that its not the right way to go. As a rule of thumb, HTB shouldn’t need long brute force attacks.
Hopefully someone who has done this box will be able to add more context.
Is this correct? And if so, is it doable with rockyou or is something else necessary? I’m 46,000 passwords in to rockyou and nothing yet.
With a huge caveat that I haven’t looked at any of the problabs, so I could be totally wrong, but in general this would be a sign that its not the right way to go. As a rule of thumb, HTB shouldn’t need long brute force attacks.
Hopefully someone who has done this box will be able to add more context.
My guess too. I don’t really do anything on this platform, so not sure what to expect.
What is happening to Jenkins machine? Can’t access the webpage on it’s port. Can access anything else. If anybody used Jenkins to run their shell, please create a 2nd one after that shell and stop the one on jenkins dashboard.