Official Tentacle Discussion

@TazWake said:

@HomeSen said:

There is no authentication required for this part. I’ve just checked the part you are stuck at from within my CTF Kali VM and can enumerate just fine.
Maybe you can try switching to another server instance or VPN zone, as you already ruled out (active) misconfiguration of the tool on your end. Because it looks a little like the machine you are targeting is broken.

So, I had a bit of spare time - I switched to EU-VIP-11 but same problem :lol: All my packets are being rejected by the first hop, which is responding that the service is not available.

I even cracked and switched to EU-VIP-14 as well. Same problem.

I want to think it is an issue with my configuration, but it was an identical problem with the clean installs from marketplace images in AWS and Azure.

It really does feel like I am not destined to progress this box :relieved: :smile:

It turns out I am a bigger ■■■ than I realised. It was a layer 8 issue that I managed to repeat several times. I’ve no idea why I failed to spot it for three days but typos are killers.

in my humble opinion this is obviously not a hard machine, i think it should be consider as insane machine, or maybe i am just a bit rusty, it took me ages to find the way to the root

but finally i got it, rooted!

i will be willing to help if anyone here feeling frustrated or stuck somewhere, feel free to DM/PM me for any questions, hints or nudges.

Oh boy… I got sick reading the doggy docs.
Nice machine, thank you @polarbearer

Got root! Learned a lot about Kerberos)

Type your comment> @PencilNeck said:

Oh boy… I got sick reading the doggy docs.
Nice machine, thank you @polarbearer

:smile:

rooted. really fun box that taught me a lot about the app it is named after, the main tool needed to exploit it, and finally the k dog. thanks @itsdafafo for a steer near the end.

great box @polarbearer!

pm if you need a nudge.

Type your comment> @camk said:

rooted. really fun box that taught me a lot about the app it is named after, the main tool needed to exploit it, and finally the k dog. thanks @itsdafafo for a steer near the end.

great box @polarbearer!

pm if you need a nudge.
this is a mad box… glad you rooted it! nice. ?

Rooted, i learned a lot. Pm me for hints.

Would someone help me understand why I can’t run gobuster through p*********s ? nmap works perfectly well (I found and nmap’ed w—.r-------.—) but gobuster keeps timing out. I tried writing my own script but it’s far from being as effective as gobuster (1h30 in and not even 20k requests sent ><).

@dragonista said:

Would someone help me understand why I can’t run gobuster through p*********s ? nmap works perfectly well (I found and nmap’ed w—.r-------.—) but gobuster keeps timing out. I tried writing my own script but it’s far from being as effective as gobuster (1h30 in and not even 20k requests sent ><).

No need for gobuster, here. Just try to imagine what might be served by that server :wink:

Type your comment> @HomeSen said:

@dragonista said:

Would someone help me understand why I can’t run gobuster through p*********s ? nmap works perfectly well (I found and nmap’ed w—.r-------.—) but gobuster keeps timing out. I tried writing my own script but it’s far from being as effective as gobuster (1h30 in and not even 20k requests sent ><).

No need for gobuster, here. Just try to imagine what might be served by that server :wink:

Mmmh, okay, found it ! Well… I’d like to make gobuster run still, but at least I can move on :open_mouth: Thanks !

I’m a bit stuck as well. I slapped some hashes for a while but no luck there. However, poking at names got me an internal IP, but I’m really not sure how I could route myself into that subnet. Any tips?

@thecog said:

I’m a bit stuck as well. I slapped some hashes for a while but no luck there. However, poking at names got me an internal IP, but I’m really not sure how I could route myself into that subnet. Any tips?

Use the services the system provides to you.

Phheeew… great box so far, but really confusing ^^
I’m a**** now, retrieved some hashes from k****b but I’m a bit lost for the next steps. Most of the docs I find talk about Windows.
If anyone has either an idea or a good article to send in my direction, that’d be awesome :slight_smile:

Edit : Rooted. I really enjoyed the beginning, I was new to this type of things. The privesc part had me crying :smiley:

Oh my lord, my first hard box !

Dude, never messed with almost any of this things but bit by bit i was able to progress (not fast, but progress at least). Took me a WHOLE week, but i assume that when familiar with the technologies is not something out of this world !

But, without any doubt, an awesome box to learn new stuff and it was fun!!

Foothold: Oh boy, the hardest is to reach there (might need to hop like a rabbit)
User: well, if you look carefully when landing you can see that only you are missing the trio party ! use what you found in clear
Root: Quite straightforward if you know how to move in the 3headK world

If you need help, just reach out to me and i’ll try to help you out in the best of my capabilities :slight_smile:

I am adding the root p******** into the k***** but it gets removed after a short time which does not give me enough time to a**h

Got it. Seemed to be an issue of convolution.
Great box. Learned lots, thanks.

Before I do anything crazy like instrument and compile the exact version of s**** to figure out how todo c**** p***** or req**** sm*******. I would like to talk about my current thoughts. Just like what has already been discussed in this thread I also can hit all i******* s******* but nothing seems to talk h*** so an s*** seems unlikely. Who knows maybe my enum is bad and I missed something. So I guess PM me if your willing to provide a nudge.

well, I recently rooted this box. My enum is bad and I really should feel bad. Additionally, You have to be really specific with your interactions with this really picky underworld’s authentication gatekeeper.

I’m stuck at priv esc. I know I have to get a***n first but not getting anywhere. I already tried to crack the hashes. I also tried fiddling with that unusual s***pt which belongs to a***n. SOS!