NIbbles

FInally the joy of logging into the admin page! Got user.txt! Now onto priv esc!

tried combinations of default admin credentials as well as variations of Nibbles nibbles nibble etc etc - I know everyone kicks themself with the credentials but I tried all the obvious ■■■■

I swear I used those credentials :confused:

Spoiler Removed - Arrexel

Stuck with priv esc. I know the user files have a lot to do, but I can’t find a way how to exploit that. Any nudge, help, hint via PM would be really appreciated. I’m ready to facepalm myself already!

Actually the hard part was the admin login, because we have to positions as an owner of this system without any security mindset.

After get the access, try to enumerate what ever you can like a hacker.

All the information are useful.

Rooted!

Rooted, too - and I over-thought privilege escalation. Learned a lot about upgrading dumb shells to full terminals which i did not need in the end. I think I discarded the simpler way of doing things because I took an irrelevant timeout error too seriously and was too impatient … and then went on to search more complicated solutions.

I’m new to htb and trying nibbles for hours, please give me a hint . PM me

can someone PM plz. need a help with that privileged file!!

G0t r00ted!

Hi, I am new on the HTB.

I have logged in to the admin panel and trying to upload the shell, but I am not getting any reverse connection. I have opened ports on my router also, but still I am not getting any reverse connection. I have tried 3-4 different payload but still nothing. Can some give me a hint.

@Aijaz said:
Hi, I am new on the HTB.

I have logged in to the admin panel and trying to upload the shell, but I am not getting any reverse connection. I have opened ports on my router also, but still I am not getting any reverse connection. I have tried 3-4 different payload but still nothing. Can some give me a hint.

Never Mind…I have got the access…it was a silly mistake from my side…now for user.txt

EDIT 1 :- Got the user.txt…on to root flag…I have no idea on how to process further,am stuck. Can some help me.

Guys, can anyone help me with the priv esc? Please drop me a message. I would really appreciate your help. I have tried a lot of stuff, no luck so far. Please reach out to me.

Got the root too. (y) :smiley:
If anyone needs help, drop me a message. I’ll be glad to help you out! :slight_smile:

Nibbles rooted

Finally got the root!! big thanks to @codenameroot :wink:

@lahirukkk said:
Finally got the root!! big thanks to @codenameroot :wink:

Ah. You’re welcome man. :slight_smile:

Any tips for root??

any tip to got root prev ?