Official Tenet Discussion

@k01n said:

@k01n said:

Any help with root? I’m a bit stuck here with privilege escalation

rooted! thanks to @HcKy and @egarcia

Can I PM you?

Fun box really enjoyed this

Haven’t been around for a while. Nice to be back! Enough has been said already, but I’ll still go ahead with my usual 2cents:
Foothold: once you get to the file you need to see, it should be obvious what you need to inject
User: it’s just there waiting for you
Root: get into the race and slip in what you need to. few lines of bash will do the trick.

thx for the box :slight_smile:

and thx to @egarcia for keeping me on track with foothold … was close to finding it but also close to giving up x-) …

@trab3nd0 said:

User: it’s just there waiting for you

I know where it is, but it is not readable (permissions r--------). Any nudges on how to get the proper privileges?

@typefreak2 said:

@trab3nd0 said:

User: it’s just there waiting for you

I know where it is, but it is not readable (permissions r--------). Any nudges on how to get the proper privileges?

Look for places where a password might be defined. Think about what you attacked to get where you are. Remember password re-use is a thing.

Rooted. Not one of the easiest boxes.

Some nudges for people who are stuck

Pre-user: Have a look at the room info card. You may find a picture with interesting words.

User: There is one special script (Linux variant) you can run to gather some information. Run it and look for red-marked sentences.

Root: A bit harder. Study that special script. Look at what it does with temporary files.

For me, the hardest part was pre-user and user. Finding a working exploit took a long time and testing.

This box was amazing. Required a bit of guess work at the start but User and Root was really fun. Foothold could be considered hard if you are not good at understanding source code but I managed to get it right by googling the stuff that looked interesting.

User: Some admins are lazy, basic enumeration will get you there.

Root: Again look at the code, maybe test it locally to understand it better. I’m sure there is a better way but a bash loop did the trick for me.

  • I think this is the simplest box in HackTheBox, a good enumeration is more than enough, and there is a lot of clue in word*****.

  • The root part, you just have to try to understand how the script works.

Contact me if you need any help. :wink:

I’m not a pro, but this box was not that hard at all. I would say this was the best box I solved yet. Quite fun.

Foothold: enumerate, then read. If you find the thing you need, look for the keyword, and google up! Just make sure you understand what that thing does.

User: enumerate again. You will get this very easily :wink:

Root: again, enumerating is key. Scripting knowledge can help a lot.

PM if you need a nudge :slight_smile:

Just rooted this, user is easy, root needed some thinking. Fun box overall! Thanks to the creator

User is done but I’m stuck on root, can anybody give me a nudge please?

Owned this box. Foothold is the hardest part. User: Enumerate all files. This is the easiest part of the box. Root: Read and understand the sh - file. The next part is to write a script. Have fun. PM me if you need help.

Rooted. Another fun box, particularly the foothold.

Got stuck on root and overcomplicated it but going back and doing it over solved the issue. My hint for this part is simplicity: it is as obvious as it looks.

Happy to help if needed.

I’m curious about the root part. I just got it but what I did was… ugly, at best. If someone wants to talk about it I’d like to know how others proceeded.
Anyway, that was fun, except the foothold part, I’m really not a fan of those guessing games :confused:

Foothold wasn’t too hard to guess, just make sure you’re searching in the right place. User trivial. Root was pretty fun because I wasn’t sure it would work.

One of the funniest machines, but maybe the user part was too easy?
Here are my hints:

Foothold

Make sure to read every word of the comment made by user nl in w***s. Then try to look for what he is talking about.

User

The user was really too lazy, he should have used more than one credential

Root

The funniest root I have ever got. I made a really ugly thing to get it (according to @dragonista), and I loved the fact that I didn’t have to struggle a lot to find the clue… indeed I haven’t searched anything at all!

I suppose things are only easy if you know how, and I didn’t.

However this is now my new favourite box! Made many silly errors that helped me learn a great deal, especially with rooting the box. I’m curious how others had done theirs. Will have to wait a while for the ippsec vids.

Foothold:
imagine the url as a mirror.

User:
Well…if you’ve got this far, you will know this step.

Root:
Something is ‘masquerading’ in the detail, understand what it is and then off to the races! Write something to help you win!

Thank you to @egotisticalSW for creating this gem of a box!

Rooted!
All possible hints in the thread and the foothold is very similar to Time IMO.
I’ll leave this here

FOOTHOLD: Neil should have known better than to leave it in the COMMENT.
USER: Don’t overlook anything in the directory you landed, read them all.
Root: Enumerate, find the script and manage to overwrite it.

Funny box actually :blush:

Foothold : look at conversation + php docs
user : find pass like usual 'conf'
root : read script + loop