Official Spectra Discussion

Type your comment> @Galapag0s said:

This was a fun box. I spent WAY too long on user.

Getting user isn’t hard if you look at the right file…but if you don’t good luck. (thank you to person who helped get me back on track.)

Root was a heck of a lot easier imo.

DM me if your stuck :smile:

can you help me a bit (guide to the right path) about user? Found a cred but already tried to connect to all users using that cred and didn’t work… I’ve been rummaging all directories but couldn’t find anything or missed

Edit : got user. I really overlooked this part…

Need a nudge for user.
Have run both linpeas and linenum but never noticed anything. have manually trawled through directories but not seeing anything.

This had to have been one of my favourite rooms recently. Thanks for the awesome room. The foothold was interesting and the root tested a few skills I hadn’t got used to.

Anyone can point me to the right direction?
Got my foot in, trying to pivot to the user but can’t find what everyone else found.

Type your comment> @umar0x01 said:

Type your comment> @AbuQasem said:

i spent hours trying to get a revshell and still cant get a connection back!
tried php,msfconsole,bash and even made my own pl**n but cant get a shell !!!

Make sure you’ve the URI in msfconsole set to right path!

Same here. Tried three different ways, they all fail. The box is sluggish when attemping two of the ways. I switched VPNs thinking that would help. Nope. Pretty strange, since the msf is straightforward and no tricks.

Type your comment> @phr0zengh0st said:

Type your comment> @umar0x01 said:

Type your comment> @AbuQasem said:

i spent hours trying to get a revshell and still cant get a connection back!
tried php,msfconsole,bash and even made my own pl**n but cant get a shell !!!

Make sure you’ve the URI in msfconsole set to right path!

Same here. Tried three different ways, they all fail. The box is sluggish when attemping two of the ways. I switched VPNs thinking that would help. Nope. Pretty strange, since the msf is straightforward and no tricks.

Look on Github, there are a few tools that will make the p****n for you, spawn a MS handler and once you upload the thing it made for you, you can a connection back. I couldn’t get any of my regular methods to work either so I found a tool and it worked.

Can somebody help with the first foothold? I don’ know what i searching for

Is the box glitched for anyone else? I have root but I can’t see anything in the root directory even after a reset.

Type your comment> @baegmon said:

Is the box glitched for anyone else? I have root but I can’t see anything in the root directory even after a reset.

Thats probably because you are in the docker as root and not the host… try running “hostname” to confirm…

Type your comment> @k01n said:

Can somebody help with the first foothold? I don’ know what i searching for

Enumeration is the key… try looking around the broken environment… you should be able to stumble on a juicy file that will immediately attract ur attention :wink:

I really enjoyed this box.

Big thanks to Galapag0s for the nudges!

Phew, spent way too many hours on foothold. Rest of the box is pretty straightforward from there. Overall this machine was a good lesson in taking a look at what you have before resorting to tools.

Thanks to Galapag0s as well for a nudge!

hi im new here if can someon show me how to start with hacking

Type your comment> @GHOSTanonymus said:

hi im new here if can someon show me how to start with hacking

Welcome to HTB. I great place to start is with the retired machines. Ippsec (find him on youtube) has some amazing walk throughs of the retired machines. Thats how I got started.

@Thanks bro but i dont have premiume so i cant do retired machines

The last two are available and there are still starting point & academy labs you can do without it costing money.

Its also worth watching the Ippsec videos even if you cant follow along.

However, this isn’t really related to the box so please start a new thread if you want to discuss this.

ou bro i think its cus i didnt select openvpn on port tcp 443

@GHOSTanonymus said:

ou bro i think its cus i didnt select openvpn on port tcp 443

It is still easier if you start a new thread or ask this in the threads already open for the machine you are working on, where other people can answer.

Not sure what you mean about selecting openvpn on port tcp 443 though. That isn’t really how it works.

idk how to start new thread bro pls give me some contact to contact u

@GHOSTanonymus said:

idk how to start new thread bro pls give me some contact to contact u

On the main page on the bottom right is a button you can use to create a new discussion.

You can message me on this. If you want to send a direct message, click on my name and send me a message. I am not sure how contacting me in different ways from asking questions on the forum will help though.