Got user pretty easy
And I have some lights on what I have to do to get root. Can someone help me building the s***?
getting a foothold and user was actually harder for me than getting root.
foothold : look around google, OSINT.
user : ENUMERATE, ENUMERATE, ENUMERATE, all you need is already where you are.
root : thereās a known exploit, you just need to craft it for your needs.
There are actually a lot of hints on this discussion, so if youāre having a hard timeā¦ just read everything here from page 1 to end.
good luck!.
guys can you help me i cant open any websites from htb when i go to open any of then the error shows dns probe finished nxdomain in any box i checked everything from fixing dns and setting it to google and resetting network manger i just cant open the websites ending in .htb so please help me i am new here
@Darksward27 said:
guys can you help me i cant open any websites from htb when i go to open any of then the error shows dns probe finished nxdomain in any box i checked everything from fixing dns and setting it to google and resetting network manger i just cant open the websites ending in .htb so please help me i am new here
Three points:
- you need to add the domains to your hosts file. HTB doesnāt use DNS (and it would be a bit weird if it tried to really), so you have to tell your computer what IP address are which hostname.
- you probably should work through the Starting Point boxes.
- you might also want to look at the academy site to learn some of the basics.
Type your comment> @pL4sTiC said:
Iām bashing my head into a wall right nowā¦
Got initial foothold under a*e using a popular framework. Cannot seem to connect to ml, even from the shell. Tried port forwarding and still no luck. BTW, I have the credentials to connect, but canāt seem to do so. Any help would be greatly appreciated.EDIT: NM, hahahahaā¦ found the alternative, and much simpler, method
Hey, could you PM me the alternate method? Iāve been trying to connect to the database, but to no avail. I have the creds.
Hint: For those with trouble connecting to m***l.
There are other ways of dumping it
Foothold: The clue is in the name.
User: A little two-step and then you can get in through the frontdoor.
Root: The master of an older generation can show you the way with his teachings.
Getting the thing to actually build seemed to be the hardest part.
Just got root on this after some really stupid mistakes. Couple tips on getting root from user:
- Lots of people struggling with environment setup - you donāt need to craft the payload yourselfā¦ you can re-use anotherā¦
- If it doesnāt work, think about why - read and understand the error, google is your friend
Can someone dm me and help fix my c***t yaml? I keep getting segmentation fault after installā¦
Am stuck in root. Even though I went through linpeas and other methods I havenāt found a way to go about itā¦maybe i just canāt see it. If anyone wants to drop a hint dm me
Type your comment> @elchambos said:
Am stuck in root. Even though I went through linpeas and other methods I havenāt found a way to go about itā¦maybe i just canāt see it. If anyone wants to drop a hint dm me
Look for exploits related to s***.
Reverse shell dies after I enter m**** credits :((((
Type your comment> @reichsstolz said:
Reverse shell dies after I enter m**** credits :((((
Use ā-eā option
FINALLY ROOTED THIS ONE!!! What a pain in the ā ā ā
Fun little box! Found getting user quite straight forward as it involved some staple techniques that every beginner should know, or use this as the perfect opportunity to learn if they havenāt yet.
The root user was a little trickier as I didnāt immediately work out that Iād found the right exploit, as Iād seen some closed things and discarded the idea.
After trying a little crafting of my own and running into all sorts of issues, I realised I could adapt what I found before and after a little decoding, just used what was already out there.
It didnāt work initially as I think someone else had already broken something on the box, but after a reset, the exploit worked exactly as it should.
Thanks for a fun little one
Type your comment> @reichsstolz said:
Reverse shell dies after I enter m**** credits :((((
a one-liner might help
Can someone dm me? Iām stuck with the a****e user and canāt get any further.
Buffered vs unbuffered at a certain step> @AbuQasem said:
Use ā-eā option
Or look in to āunbufferedā
Okay I came upon an article that explains about something āDIRTYā. Got an exploit related to it but the system is not vulnerable to it. Do I need to change something in that? Or am I on the wrong track? Trying for root.
Has anyone had problems spawning a proper tty shell after gaining foothold? I keep getting OS error: out of pty devices. Is it due to selinux and tips to overcome it?