Hi guys, this is my first machine and i’m looking for own root rn. Few days ago i found 2 dirs after owning user in the same directory of the user flag. In the dir w** i found **.t.g . I guess it was the right path to follow but now it’s 2 days that the directories are no longer there so my question is this: is this a bug that those folders are not spawning or i found that because a bug so i have to keep looking around or that dirs are not supposed to be there?
I hope that it’s not spoiler
Thx
Ps: I already tried to reset the machine twice yesterday but nothing changed
This is a free VM, so if you don’t have the top level of VIP you’ll be sharing that server with thousands of others. Someone could have deleted the file to be annoying or it could have been created by a user and the server has been reset.
Hi guys, this is my first machine and i’m looking for own root rn. Few days ago i found 2 dirs after owning user in the same directory of the user flag. In the dir w** i found **.t.g . I guess it was the right path to follow but now it’s 2 days that the directories are no longer there so my question is this: is this a bug that those folders are not spawning or i found that because a bug so i have to keep looking around or that dirs are not supposed to be there?
I hope that it’s not spoiler
Thx
Ps: I already tried to reset the machine twice yesterday but nothing changed
This is a free VM, so if you don’t have the top level of VIP you’ll be sharing that server with thousands of others. Someone could have deleted the file to be annoying or it could have been created by a user and the server has been reset.
Thx, anyway i found the way and got root. It was quite hard as my first machine but really funny and i learned a lot. I would like to thank everyone who suggested here, see ya in others boxes
Rooted!
It was a fun box. The foothold was a little annoying but after that was more or less easy. The only thing… please delete your files when you finish a machine. Or better, don’t put the files directly on the home folder where anyone can see that, just create a spoiler-alert folder or whatever. I saw a t**.g* file there and was a huge spoiler for me
If anyone needs a hint feel free to DM me!
Rooted. Not my first box from Egotistical, struggling with foothold as usual. Thanks for the box anyways.
My advice:
Foothold: hardest part of the box. Follow the advice others gave and remember you need to use both services available to find the interesting file.
User: very straightforward, there is very good advice on this forum, essentially look for an interesting file.
Root: I work with this technology virtually everyday so it was rather easy for me, I’d say it’s a very realistic technique and there are tutorials online on how to priv esc using it. Check for unusual details on your account
Rooted. Not my first box from Egotistical, struggling with foothold as usual. Thanks for the box anyways.
My advice:
Foothold: hardest part of the box. Follow the advice others gave and remember you need to use both services available to find the interesting file.
User: very straightforward, there is very good advice on this forum, essentially look for an interesting file.
Root: I work with this technology virtually everyday so it was rather easy for me, I’d say it’s a very realistic technique and there are tutorials online on how to priv esc using it. Check for unusual details on your account
Any chance of a little guidance? I’m struggling to get my shell to work…
I get a 997 user shell, found a z** file which can been interesting but cannot succeed in “open” it. Am I in the right way or not ?
Some hint to succeed to open it (tried j**n, but can’t found anything)
Found: Just had to find the right wordlist…
After that, way to root is quite simple if you check what are your new rights
This is a semi-regular topic on the forums. The dynamic hashes used by HTB mean that every time a box is reset, or VPN switched etc, a new hash is generated. There are occasions where the new hash isn’t set properly and this cant be fixed by bruteforcing the old hash you have.
The options are:
Report it to HTB as a Jira ticket and get them to fix the problem.
Wait, it normally resolves itself after a while but if its a box where people are constantly resetting it, it may never fix itself. You will need to re-exploit it to get a new hash when it is fixed, so make sure you kept notes.
This has been going on for quite a few months now. HTB will not change its stance on the dynamic hash as they get very few reports of problems but have successfully identified lots of “flag sharing” and other rule violations. Sadly, despite dynamic hashes being in use since March, there are still people selling/trading flags, so this isn’t going to change.
This is a semi-regular topic on the forums. The dynamic hashes used by HTB mean that every time a box is reset, or VPN switched etc, a new hash is generated. There are occasions where the new hash isn’t set properly and this cant be fixed by bruteforcing the old hash you have.
The options are:
Report it to HTB as a Jira ticket and get them to fix the problem.
Wait, it normally resolves itself after a while but if its a box where people are constantly resetting it, it may never fix itself. You will need to re-exploit it to get a new hash when it is fixed, so make sure you kept notes.
This has been going on for quite a few months now. HTB will not change its stance on the dynamic hash as they get very few reports of problems but have successfully identified lots of “flag sharing” and other rule violations. Sadly, despite dynamic hashes being in use since March, there are still people selling/trading flags, so this isn’t going to change.
This is weird!
I tried reset the box several times but after re-exploit flags in the machine are the same. Exactly previous exploits.
I had to wait others to reset the box to see anything else and re-exploit but log luck in submitting flags.
This is weird!
I tried reset the box several times but after re-exploit flags in the machine are the same. Exactly previous exploits.
I had to wait others to reset the box to see anything else and re-exploit but log luck in submitting flags.
If the flags are the same after a reset, thats a good sign something has broken with the box. Raising a ticket with HTB might help but I dont know if that is faster than waiting for others.
I get a 997 user shell, found a z** file which can been interesting but cannot succeed in “open” it. Am I in the right way or not ?
Some hint to succeed to open it (tried j**n, but can’t found anything)
Found: Just had to find the right wordlist…
After that, way to root is quite simple if you check what are your new rights
I’ve nearly supposed that it’s rabbit hole, because I’ve stucked lot of hours at this step.
Can someone give me nudge about right dict ? or maybe about “shape of key” from this door ?
thx
I get a 997 user shell, found a z** file which can been interesting but cannot succeed in “open” it. Am I in the right way or not ?
Some hint to succeed to open it (tried j**n, but can’t found anything)
Found: Just had to find the right wordlist…
After that, way to root is quite simple if you check what are your new rights
I’ve nearly supposed that it’s rabbit hole, because I’ve stucked lot of hours at this step.
Can someone give me nudge about right dict ? or maybe about “shape of key” from this door ?
thx
Verified OK
wc: ‘/root/Desktop/HACKTHEBOX/VIPSUB/**22.TABBY/lxd-alpine-builder/rootfs/usr/share/alpine-mirrors/MIRRORS.txt’: No such file or directory
sed: -e expression #1, char 2: invalid usage of line address 0
Selecting mirror /v3.13/main
WARNING: Ignoring /v3.13/main: No such file or directory
ERROR: unable to select packages:
alpine-base (no such package):
required by: world[alpine-base]
Failed to install rootfs
It’s like too late for help, considering it’s an old box. I just wanna complete a path. So, I upload the payload, 3 different times to be exact… and it always says the same thing when I go to the file. FAIL - Invalid parameters supplied for command [/deploy].
I’ve tried like 5 writeups, I’ve looked everywhere for help… and it refuses to work.