i̶v̶e̶ ̶g̶o̶t̶ ̶u̶s̶e̶r̶,̶n̶e̶e̶d̶ ̶h̶e̶l̶p̶ ̶w̶i̶t̶h̶ ̶d̶*̶ ̶u̶s̶e̶r̶.̶ ̶n̶u̶d̶g̶e̶s̶ ̶a̶r̶e̶ ̶a̶p̶p̶r̶e̶c̶i̶a̶t̶e̶d̶.̶
rooted
Made a note of the root password 4 separate times without following up on it facepalm finally got root though.
@Arty0m same… I really need to get into the habit to take proper notes and automate this stuff so I won’t push it back for “later”. Because “later” apparently means a month to me.
Anyhow, I am so glad I didn’t go through the effort to read up on, compile and run l**r****n, wait about an hour and realize it doesn’t work in this env anyway just because it’s like the 2nd google result for ****** privesc
rm -rf /tmp/htb_nomad
Can anyone help out with the py script, The script says runs successfully but I donot get a shell, Can I DM anyone ??
[EDIT]* Got the shell
Rooted
Learned a few things in the way, including how to read tool output
any help with root please?
Type your comment> @TazWake said:
@k01n said:
any help with root please?
Enumerate, find loot, privesc, escape, get root on box.
Rooted!
Is something going on with this box? I’m getting a HTTP 502 error where, login was loading fine earlier. Back up.
anyone can PM me i cann’t get the reverse shell.
Easy and fun box, here are my hints
Foothold
Versions are important, you should do nothing more than run a cmd to get the initial shell
Co******r Root
There is a fantastic hint that I should have listen before spending a lot of time in enumeration… page5, @blacViking (thanks man !)
Actual Root
What can you do and what is your goal ? Google it and you’ll be free.
If you need help, feel free to PM
Rooted, thanks to @Shubhamz007 and @DarkRider88
Rooted. Fun box.
Rooted, pretty fun and easy box.
PM me if needed
I keep getting a connection to my nc listener, but I can’t run anything after the initial connection. anyone have advice/solution?
I’m don’t receiving connections on my nc listener. I’m normal exploit from edb, any suggestions? I’ve read that i need to do some tunning but i don’t know where (i’ve tried using another reverse shell). Any minimum help would be appreciated
I’m don’t receiving connections on my nc listener. I’m normal exploit from edb, any suggestions?> @BoWyatt said:
I’m don’t receiving connections on my nc listener. I’m normal exploit from edb, any suggestions? I’ve read that i need to do some tunning but i don’t know where (i’ve tried using another reverse shell). Any minimum help would be appreciated
I got a shell with another script but i want to understand the most popular ones. Still figuring out why im not receiving with the other script.
I’m stuck on how to get du** user. Enumeration and linpeas did’nt get me useful things, any hint ?
@UVision said:
I’m stuck on how to get du** user.
Double check you need to get this user account.
Enumeration and linpeas did’nt get me useful things, any hint ?
Yes, enumerate more. To steal a phrase from PWK/OSCP, it really is a “try harder” here.
Your enumeration needs to look at an unusual folder which might hold things people use to store stuff.
@TazWake I have for now listed the directories accessible for writing without having seen an interesting info, I guess I must have missed it.