Official Ready Discussion

16781012

Comments

  • @TazWake Indeed not, is there a good command for that ? All commands founded on the web doesn't work for me.

  • Resolved : the only "uncommon" folder in my case is the assets folder situated in /, but I don't think it is the right way.

  • @UVision said:

    @TazWake Indeed not, is there a good command for that ? All commands founded on the web doesn't work for me.

    Well, there is but it would be insanely noisy as you can look at most files on the OS. Simply searching for readable files is easy but I don't know how you would narrow down the output. You could try something like:
    find / -type f -perm -a+w 2>/dev/null
    but it might need some tweaking.

    Manual enumeration is more effective.

    If you look in / there is a folder for things people can decide if they want or don't want to install. In there is a folder which is probably not present on your own Linux system. It is worth looking in there.

    Note: I am not going to be available much in September.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • @TazWake Thanks for these nudges, I founded an ssh private key, I hope that is the right way to get user...:D

  • @UVision said:

    @TazWake Thanks for these nudges, I founded an ssh private key, I hope that is the right way to get user...:D

    Well, it is interesting and it certainly wasn't something I found.

    Bear in mind.

    • you have a user account.
    • if you find something that doesn't seem to work, try it somewhere else.
    • you have a couple off hoops to jump through to get from where you are to the root flag.

    Cast your mind back to my first response. What user are you trying to get and do you really need it ?

    Note: I am not going to be available much in September.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • edited January 25

    @TazWake so bad that I'm not in the good way. From you response, I'm a bit confused : is the "****" user is necessary to get root ? Or as I already own the user flag, it is not ?

  • edited January 25

    @UVision said:

    @TazWake so bad that I'm not in the good way. From you response, I'm a bit confused : is the "****" user is necessary to get root ? Or as I already own the user flag, it is not ?

    It is not necessary. You can drop me a direct message if you are still stuck.

    Note: I am not going to be available much in September.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • @TazWake I send you a Dm, it is a better way indeed.

  • Fun box, nothing too complicated, yet I spent way too much time on root forgetting about basic rules about what users do with their passwords...
    That box made me a pro hacker, that's a milestone !
    Good luck to everyone, I don't have much to help you, everything important has been said already !

    dragonista

  • edited January 30

    Got user; got root (thank you @TazWake and @Shad0wQu35t). Could someone PM me and explain why it was necessary to m***** /***/****? Please remove if that is too much info but once I had root the way I got to root.txt is not clear to me (I know then how did I get it? - Google!). But still not clear on how Gitlab (or something else?) interacts with the "f--- s-----".

  • Fun box. I was stuck longer than I want to admit on trying whatever I could find to get root2. Thanks @unknown101 for the public hint, which is to do it by hand, with a simple trick.

    Paddon

  • Rooted, if anyone needs a nudge in the right direction, feel free to DM me.

  • just reset this box but there is no flag under /root ... am i missing something?

  • @AusFrog said:

    just reset this box but there is no flag under /root ... am i missing something?

    Then you probably aren't done, yet. The princess is in another castle, Mario AusFrog .


    Hack The Box
    OSWE | GREM | OSCE | GASF | eJPT

    Feel free to PM me your questions, but please explain what you tried, so far.

  • Type your comment> @HomeSen said:

    @AusFrog said:

    just reset this box but there is no flag under /root ... am i missing something?

    Then you probably aren't done, yet. The princess is in another castle, Mario AusFrog .

    Thanks for the nudge/mario reference, exactly what i needed.

  • Hello guys, i have tried nmap and browser...but i'm not getting anything. Can anyone help me where should i start with?

  • @yyugam said:

    Hello guys, i have tried nmap and browser...but i'm not getting anything. Can anyone help me where should i start with?

    Nmap should tell you what ports are open and one should allow a browser connection.

    If you aren't getting anything, you might want to check you are connected to the VPN.

    Note: I am not going to be available much in September.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • Finally rooted the box. The best thing I learnt in this box probably how to turning dumb shell into fully interactive tty haha, before doing that I always overlooked long text files because I couldn't read all of them..

    Thanks for the nudge @TazWake

  • I liked this box. Easy but good one. Getting root was not so easy for me BTW. Feel free to dm me for nudge. Have Fun.

  • Rooted, this machine is even easier than some "easy" machine

  • just got root!

    in hindsight if it is not the first time you deal with g* and d*, it's a very typical thus commented as easy machine
    well i just went blank and started autodrive mode poking at stuff, should have been more planed, as it is not THAT different from a web noob box (which is pretty much all i've been dealing with), i guess repo and source code panicked me lol

    not at a postion giving nudge for this box, as i have no idea how to point out the road without saying the filenames >_>

    just realize inline not obvious is largely due to my display setting, sorry for the spammy tries, also


    Note: TazWake is not going to be available much in August.
    gcc -Wall -Wextra -g
    

    what_what

  • Finally rooted with all the hints provided above and did some Googling for the root part. But, I am still feeling blur on how the root part works. Can someone DM me the explanation for the root part please?

  • Type your comment> @Cyberzombi3 said:

    Hey Guys, could I ask for a nudge oon upgrading the initial shell, having real troubles with it, i'm starting to think that its due to me using ZSH in Kali2020.4 as when backgrounding a task and foregrounding it everything seems to go to s***

    I have found that if you add the fg to end of "stty raw -echo; fg" it works fine.

  • Spoiler Removed

  • Rooted! quite a challenge for me this time.

    Initial Foothold: This was the easy part. There are plenty of resources out there if you know what to look for.
    User: Be really really carefull when checking the files. There is something interesting and you might pass it. Read every line.
    Root: You need to escape from where you are. Luckily tha machine contians more privileges than needed.

    Hope this helps.

  • User: Ez.
    Root: Quite hard. After you gain root, try to think inside of what are you right now. And how to escape it.

    Hint: When you obtain root.txt, don't forget to:
    rm -rf /mnt/*

  • Got Foothold but struggling with privesc a lot. I found some interesting files but don't know what to do with them. If anyone can give me a nudge it would be appreciated.

  • @Nosuma said:

    Got Foothold but struggling with privesc a lot. I found some interesting files but don't know what to do with them. If anyone can give me a nudge it would be appreciated.

    Look in something that doesn't normally exist on a Linux system. Read the files in there. Find the loot you need. Use it to escalate your privs. Escape the box you are in.

    Note: I am not going to be available much in September.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • Got the root flag.

  • Finally got root flag. Thank you @TazWake for getting me to look again.

Sign In to comment.