NIbbles

I’m trying to get the root, I ran the bash script but I’m having the following error:
/bin/bash monitor.sh -i nibbler
TERM environment variable not set.
su: must be run from a terminal
Installation failed

@delusionmoon said:
are cronjobs relevant for priv esc in this machine?

well… personally I r00ted w/o them…

Need some help with Priv Esc. Have located the file that does not need passwd for root, have gone through artcles on sudo abuse. every time I run the script I get promted for a password. Have gone through all the comments and still not able to figure out the execution method. Could someone nudge me a bit further? happy to PM if any one’s around

Never Mind… Just rooted it. Found the issue. As mentioned before it’s all in the details. All I can say is that not all programs are in their proper location. hope it’s not too spoilery

Struggling a little bit to find the initial credentials. Would appreciate a PM if someone has an opportunity to help confirm I am on the right track.

FInally the joy of logging into the admin page! Got user.txt! Now onto priv esc!

tried combinations of default admin credentials as well as variations of Nibbles nibbles nibble etc etc - I know everyone kicks themself with the credentials but I tried all the obvious ■■■■

I swear I used those credentials :confused:

Spoiler Removed - Arrexel

Stuck with priv esc. I know the user files have a lot to do, but I can’t find a way how to exploit that. Any nudge, help, hint via PM would be really appreciated. I’m ready to facepalm myself already!

Actually the hard part was the admin login, because we have to positions as an owner of this system without any security mindset.

After get the access, try to enumerate what ever you can like a hacker.

All the information are useful.

Rooted!

Rooted, too - and I over-thought privilege escalation. Learned a lot about upgrading dumb shells to full terminals which i did not need in the end. I think I discarded the simpler way of doing things because I took an irrelevant timeout error too seriously and was too impatient … and then went on to search more complicated solutions.

I’m new to htb and trying nibbles for hours, please give me a hint . PM me

can someone PM plz. need a help with that privileged file!!

G0t r00ted!

Hi, I am new on the HTB.

I have logged in to the admin panel and trying to upload the shell, but I am not getting any reverse connection. I have opened ports on my router also, but still I am not getting any reverse connection. I have tried 3-4 different payload but still nothing. Can some give me a hint.

@Aijaz said:
Hi, I am new on the HTB.

I have logged in to the admin panel and trying to upload the shell, but I am not getting any reverse connection. I have opened ports on my router also, but still I am not getting any reverse connection. I have tried 3-4 different payload but still nothing. Can some give me a hint.

Never Mind…I have got the access…it was a silly mistake from my side…now for user.txt

EDIT 1 :- Got the user.txt…on to root flag…I have no idea on how to process further,am stuck. Can some help me.

Guys, can anyone help me with the priv esc? Please drop me a message. I would really appreciate your help. I have tried a lot of stuff, no luck so far. Please reach out to me.

Got the root too. (y) :smiley:
If anyone needs help, drop me a message. I’ll be glad to help you out! :slight_smile: