Official Luanne Discussion

12346

Comments

  • rooted finally. PM for hints if needed

    HcKy

    Happy to help. If any of my rambling is useful consider leaving some respect.

  • rooted, finaly!

    Foothold: You should take a look more carefuly at the parameters
    User: Way hard than root. Sometimes you should take care of things from the inside, once you get it, you'll get the job done.
    Root: Stay at home :)

    Thanks for @clure @TazWake and @badman89 . This was hard, seriously.

    Security+

    Hack The Box

  • Hello everyone leaned alot from this box although i still have a quick question. When I reattempt the box, as my second time... When generating the ssh key for user... I gets frozen half way while retrieving the key... I’m not sure why it won’t show the full key..... only half of it and just stuck... missing other half of the key... any suggestions? Appreciate it.

  • edited January 17

    Stuck trying to figure out how to get shell as the r*******s user, found the dev copy but no idea what remains vulnerable.

    Edit: Found it, was wondering when I'd find a box with this! :smile:

  • edited January 18

    Hi guys,
    I'm currently shell as _****d but I cannot find a way to get to the correct user...
    I saw the same service as the one I used to get my shell but it seems that the exploit have been fixed, I also got the file of the initial service but the code don't help me more... any clue ?

  • @seniuus said:

    Hi guys,
    I'm currently shell as _****d but I cannot find a way to get to the correct user...
    I saw the same service as the one I used to get my shell but it seems that the exploit have been fixed, I also got the file of the initial service but the code don't help me more... any clue ?

    Check how the new thing was started. It might lead you to discovering something that will help you get to where you want to go.


    Hack The Box
    GREM | OSCE | GASF | eJPT

    Feel free to PM me your questions, but please explain what you tried, so far.

  • edited January 18

    Type your comment> @HomeSen said:

    @seniuus said:

    Hi guys,
    I'm currently shell as _****d but I cannot find a way to get to the correct user...
    I saw the same service as the one I used to get my shell but it seems that the exploit have been fixed, I also got the file of the initial service but the code don't help me more... any clue ?

    Check how the new thing was started. It might lead you to discovering something that will help you get to where you want to go.

    Yeah I tried the service locally, I tried searching in /p**c to find info on the process but nothing (to see the new code) and I don't have access to r.*******s directory, does it have smth to do with l*****c and h***d ?

  • @seniuus said:

    Type your comment> @HomeSen said:

    @seniuus said:

    Hi guys,
    I'm currently shell as _****d but I cannot find a way to get to the correct user...
    I saw the same service as the one I used to get my shell but it seems that the exploit have been fixed, I also got the file of the initial service but the code don't help me more... any clue ?

    Check how the new thing was started. It might lead you to discovering something that will help you get to where you want to go.

    Yeah I tried the service locally, I tried searching in /p**c to find info on the process but nothing (to see the new code) and I don't have access to r.*******s directory, does it have smth to do with l*****c and h***d ?

    You are on the right track. I've PM'd you to avoid spoilers.


    Hack The Box
    GREM | OSCE | GASF | eJPT

    Feel free to PM me your questions, but please explain what you tried, so far.

  • edited January 21

    Hi, I'm having problems with foothold. I have RCE, I've tried some basic commands like id, cat or ls with options and no problem at all. I can even ** back to my system and get a connection but can't spawn a shell, or if I'm spawning one I've no feedback at all. Any help?

    Nevermind.

  • Need some help with the user, I am literally banging my head to the keyboard. I can see that the bug has been patched not sure where to go next?

    Thanks in advance.

  • After days stuck in a rabbit hole on Delivery, now working again on this machine. But, as expected, as solid as poured concrete.

    I have a reverse shell. I also found a hash, cracked it, but nevertheless this doesn't help me escalate to the r. user

    Also found a certain command / *** / *** exec / ***** I think I can do something with this, but I have no idea what.

    So two concrete questions:
    1. Is this indeed very promising? If not what then?
    2. And if so, which logic / process should I follow?

    Thank you in advance for your nudges

  • @mrZapp said:

    After days stuck in a rabbit hole on Delivery, now working again on this machine. But, as expected, as solid as poured concrete.

    I have a reverse shell. I also found a hash, cracked it, but nevertheless this doesn't help me escalate to the r. user

    Also found a certain command / *** / *** exec / ***** I think I can do something with this, but I have no idea what.

    So two concrete questions:
    1. Is this indeed very promising? If not what then?
    2. And if so, which logic / process should I follow?

    Thank you in advance for your nudges

    It is. Check what it is doing. One of its features will help you advance to your goal.


    Hack The Box
    GREM | OSCE | GASF | eJPT

    Feel free to PM me your questions, but please explain what you tried, so far.

  • Hey y'all. I've got the limited privilege shell and found the s** key for r.******* but not sure how to use it. Can anyone give me a nudge?

  • edited January 22

    Type your comment> @Butterflyy said:

    Hey y'all. I've got the limited privilege shell and found the s** key for r.******* but not sure how to use it. Can anyone give me a nudge?

    you use ssh key files with this command
    ssh -i FILE [email protected]

    no idea if ssh is a spoiler but 99% of boxes have it running so i wouldn't think so

    HcKy

    Happy to help. If any of my rambling is useful consider leaving some respect.

  • Not a fan of this box at the moment. Goes up and down and I'm pretty sure the way the box is configured all the massive scans going on ain't helping.

    GRID, GPEN

  • Type your comment> @weeeeeeeeee said:

    Not a fan of this box at the moment. Goes up and down and I'm pretty sure the way the box is configured all the massive scans going on ain't helping.

    Started a vip account... finished it with an hour of me signing up. amazing what you can get done.

    GRID, GPEN

  • Any hint to get the foothold ? I found the /w****/f****/c*** parameter, but I can't find what I could "inject" into it.

  • Honestly i think this was pretty hard. Harder than some of the other ones at least.

    My little hint for foothold: Look at the box name, escape the code after parameter value, encode it and then comment it.

  • edited February 2

    Tough box, espacally of the few rabbit holes and also the p**g command does not work, so i always thought my in**tion does not work. The user part i have glady seen bevor on another box in the past. The Root part was also not too easy for me couse i thought i have to use open***. But finally got it :) If anyone need help, just pm me.

    sec77

  • @mach1ne I really don't find what to put after this parameter despite my research it's hopeless:D

  • hey guys. can anyone give me a nudge, or brief explanation about how that service on port 3*** works? I solved it with tips, however how can someone find that logic of the service in the first place? any help is appreciated:)

  • @sec1pps said:

    hey guys. can anyone give me a nudge, or brief explanation about how that service on port 3*** works? I solved it with tips, however how can someone find that logic of the service in the first place? any help is appreciated:)

    Look at how it was started and you will find why you get the information you got ;)


    Hack The Box
    GREM | OSCE | GASF | eJPT

    Feel free to PM me your questions, but please explain what you tried, so far.

  • Hi guys, I want to get a reverse shell using the ci** parameter. I used a command that worked for a friend, but it has been impossible for some time to use it, both for me and for him... I get this error: "
    Lua error: /usr/local/webapi/weather.lua:49: attempt to call a nil value"

  • @UVision said:

    Hi guys, I want to get a reverse shell using the ci** parameter. I used a command that worked for a friend, but it has been impossible for some time to use it, both for me and for him... I get this error: "
    Lua error: /usr/local/webapi/weather.lua:49: attempt to call a nil value"

    When something doesn't work that should work, try resetting the machine.


    Hack The Box
    GREM | OSCE | GASF | eJPT

    Feel free to PM me your questions, but please explain what you tried, so far.

  • I have already reset the machine more than 4 times, without success.

  • edited February 4

    @UVision said:

    I have already reset the machine more than 4 times, without success.

    PM'd you.


    Hack The Box
    GREM | OSCE | GASF | eJPT

    Feel free to PM me your questions, but please explain what you tried, so far.

  • Thank you @polarbearer. Was a nice box. Learned some new things.

    Tips:

    • Enumeration, enumeration, ... & read the information you get carefully.
    • Once you figured out what OS it is try to google for alternative ways/tools for this very OS if your usual way does not work.
  • Finally got the root flag:) many thanks to @HomeSen to his (big) help.

    Feel free to pm me if you want some hints.

  • Well, that was a pretty difficult "easy" box, but really only because it uses software most people, including myself, are not familiar with.

    The hardest parts for me were foothold and user. But, the information is all there, there is really very little guesswork or brute forcing.

    Foothold: Do basic enumeration and play around with what you find. If you cause an error to occur, you're getting warmer. Learn about the technology behind it and remember that before you can say something new, you have to finish what you were saying before ;)

    User: This stumped me for a while, but all of the hints are there, really. Enumerate and you will find something that's not available from the outside. Forget trying the same thing as before, it won't work. Also, consider that while the name of the program looks very familiar, it is actually something different. Study the manpage and what every option does and you will find the way forward.

    Root: Stay where you are, you will not have to look very far. Everything you need is right there. :) Just remember everything is just a bit different than you're used to.

    badge

Sign In to comment.