Official Armageddon Discussion

Type your comment> @moose said:

Type your comment> @aksofar said:

Type your comment> @moose said:

Type your comment> @Muzec said:

@moose said:
Having trouble connecting to the d***base. Have creds to view but not able to view the output in my shell. Any ideas?

You can actually use you present shell also just know the tables and boom you will get everything

Tried using the correct m**** syntax but it’s not showing any output in my shell. I’m using the mf***** shell if that matters.

Yes I was confused about that too but it works just put in the commands.

Can you pm me how you were able to view the output? It appears my syntax is working but I can’t see any of the output.

Figured out. Thanks :slight_smile: if anyone needs any help, let me know.

@menkar411 said:
Type your comment> @moose said:

Type your comment> @Muzec said:

@moose said:
Having trouble connecting to the d***base. Have creds to view but not able to view the output in my shell. Any ideas?

You can actually use you present shell also just know the tables and boom you will get everything

Tried using the correct m**** syntax but it’s not showing any output in my shell. I’m using the mf***** shell if that matters.

I had the same problem. Don’t know why, mb it’s a spoiler, but sql commands are working, but doesn’t showed. Try to exit (exit; ?) after you put your commands, with the error you will see your commands and response

Thanks! :slight_smile:

i found exploit for the machine for initial foot hold and it say target is vulnerable but cant able to generate a reverse_shell or session…any help

foothold: enumeration and cve
user: more enumeration (pay attention to whats running on the machine)
root: pretty straight forward (as @AbuQasem already said, a vulnerability that existed in prior versions can help you a lot…)

A> @DK9510 said:

i found exploit for the machine for initial foot hold and it say target is vulnerable but cant able to generate a reverse_shell or session…any help

I sometimes get caught out by a certain tool not detecting the correct local IP to use, or not remembering to open up the right port on my firewall.

Hello, I have a connection with the machine, but it does not let me leave the container folder of the web, and when performing a reverse shelll it does not create the meterpreter session

i was able to use

s***c**** pack xxxx

command after having installed s*** and s***c***** on a normal kali machine. this creates a s*** from a directory. when installing a s***, it mounts it somewhere onto the file system, so i included set*** binaries in the s***. i don’t think this is the intended route, though.

I feel like there is a lot of help on this so far. The only thing that I would suggest is to not overthink it (I know I did).

Foothold: Easy to find from google
User: Basic enumeration. If you have worked with web applications in the past with login screens, you should know what you’re looking for. If you haven’t, do some searches about setting up things like wordpress or dvwa. You’ll see some information that will be useful in different files.
Root: This was the headache for me. I overthought this a lot and wasted some serious time. There are some great posts about doing this exploit, but you may need to change a few things up. It’s not about what you’re installing, but what you do while you’re installing :wink:

yay finally gotten user but root i do not have a clue… finally that “s***” came into my mind. lol. let’s see how to work that “snap”

Hi, has anyone managed to set up the “crafter” on MacOS? I keep getting an error that multipass is not configured properly although I have installed it as well.

Type your comment> @Aus3rn4m3Z said:

Hi, has anyone managed to set up the “crafter” on MacOS? I keep getting an error that multipass is not configured properly although I have installed it as well.

This might help you: https://snapcraft.io/docs/installing-snapcraft
Personally, I used a Ubuntu VM.

Any clue on su giving “system error”? Which other service can i work with to log in as b************?
I am stuck here help :slight_smile:

Type your comment> @levanto said:

Any clue on su giving “system error”? Which other service can i work with to log in as b************?
I am stuck here help :slight_smile:

If you have the credentials, port 22 is open

Spoiler Removed

Got user, so easy machine and good for starters

Type your comment> @obfucipher said:

This might help you: https://snapcraft.io/docs/installing-snapcraft
Personally, I used a Ubuntu VM.

It works fine on Kali as well.

I’m bashing my head into a wall right now…
Got initial foothold under a*e using a popular framework. Cannot seem to connect to ml, even from the shell. Tried port forwarding and still no luck. BTW, I have the credentials to connect, but can’t seem to do so. Any help would be greatly appreciated.

EDIT: NM, hahahaha… found the alternative, and much simpler, method :wink:

To solve that machine enumeration is a key you already have everything infront of you…
Root part is pretty simple if u stay on the genuine approach…
You must find out a way to solve what you found…

Type your comment> @pL4sTiC said:

I’m bashing my head into a wall right now…
Got initial foothold under a*e using a popular framework. Cannot seem to connect to ml, even from the shell. Tried port forwarding and still no luck. BTW, I have the credentials to connect, but can’t seem to do so. Any help would be greatly appreciated.

Same issue here - maybe it’s a rabithole, or wrong creds?

EDIT: nevermind :smile: syntax

Rooted.

This box is both easy and hard. Easy to discover the entry points but requires some specific knowledge and toolsets to exploit.

SE Linux was a bit of a pain in the buttons at one point but nice to see it.

I’ll be very interested in seeing exactly how others rooted this one. Mine was ugly but worked. Will watch for walkthroughs.

I’ve found that in both htb I’ve done so far… Super easy to find the vector of attack but you need some specific knowledge. So you spend a day learning something that you never needed to use before. Not a bad experience but definitely can be frustrating.