Official Armageddon Discussion

Type your comment> @rancilio said:

I’m in as b*****eaan, have done some basic enum to see that there’s a n exploit with the v2 already in the home dir.

Eeeeh, unless I was blind when I did the box, I assume someone left his tools on the box and that folder shouldn’t be there. In any case, I think you can build the necessary package on many distros, including kali.

currently on as the a***** and found the ml directory but stuck on how to get into it. I found the b*********** but not sure where else to look. nudges?

I got user flag. Working on this s*** and s**** thing and slowly going crazy

rooted, it is an easy box.

Type your comment> @devilray said:

currently on as the a***** and found the ml directory but stuck on how to get into it. I found the b*********** but not sure where else to look. nudges?

everything you need is where you landed.
just look at the file’s.
find the creds for your next step.

no need to go outside www, i did and found some things but they where also in the www.

Type your comment> @djbrains said:

Type your comment> @devilray said:

currently on as the a***** and found the ml directory but stuck on how to get into it. I found the b*********** but not sure where else to look. nudges?

everything you need is where you landed.
just look at the file’s.
find the creds for your next step.

no need to go outside www, i did and found some things but they where also in the www.

I was able to find what I needed and got user flag. Thank you!

Can anyone help with root flag? Dirty-Socks not helping…

Type your comment> @secure77 said:

finished the machine, If anyone need help, just pm me.

@secure77 , I tried to message you on HTB, but it’s saying invalid user…dumb system. I was going to ask which package creator you used. I tried FPM, like it says on GTFOBins, but I just keep getting errors.

Someone suggested to me, packing up the file on Ubuntu, so I’m going to try that. Said he spent forever tryin to get it to work on Parrot and Kali, but only worked on Ubuntu.

Rooted

Incredibly dissatisfying as my google search yielded some forum that discussed spoilers :frowning: Even after completing this box, it feels like I cheated…

Anyway, it was not too hard but not too easy either.

Foothold: CVE… I thought it was too good to be true so I spent some time looking for something else. After realizing it was the CVE, it was easy. Obtained the shell manually but it was incredibly cumbersome to use so moved on to mc****. Easy

User: Found what I needed but couldn’t connect to the service. This is where I found the forum. Anyhow, I found what I was missing. ‘Buffered’ vs ‘Unbuffered’ was something I was not familiar with. Once understood, it was very straightforward

Root: Basic enum provided what I needed. Had to modify to create my own payload. Afterward, very straightforward.

PM me for nudge.

Type your comment> @6062055 said:

Type your comment> @secure77 said:

finished the machine, If anyone need help, just pm me.

@secure77 , I tried to message you on HTB, but it’s saying invalid user…dumb system. I was going to ask which package creator you used. I tried FPM, like it says on GTFOBins, but I just keep getting errors.

the first field of the message form is for receipts i think you have tried to enter there
some “subject” :wink:

anyway i sent you a message

Just got root. Big shout out to @x00future for the help.

Foothold: CVE for this, search a popular tool when you know the service running.
User: I had to force my way in…
Root: basic enumeration to find out what you can do…create the right environment to craft your OWN payload (it took me forever as I tried to use a default one for this priv esc method).

DM if you need help.

Spoiler Removed

Rooted! Fun box, not too hard.

Enumeration
Basic enumeration should help you out just fine.

Gaining access
The name of the box is a great help finding your path towards access.

User
Enumeration is what helps. If you found some ‘loot’, where could you employ it and what might it bring? Use the loot to get some more loot. If this new loot goes beyond you, it is always useful to read the bible (The true light that gives light to everyone was coming into the world.)

Root
Straightforward enough. Stuck with a weird error? Perhaps the name you chose is the issue.

User was pretty easy. s*** crafted but after install nothing changed, dm hints?

nevermind, got it

Finished the root part with little effort, if you get stuck at running the craft, try to understand the error and follow it (change some thing in your craft).
By the way, i force in the ssh with ha, someone could give me hints to find another to get in with ml ?? I try to watch the running service but there are no ml process, then i tried to watch the service listening at lo**st but still find no way to get in. Thanks a lot for helping!!

Hi

Does anyone else experience connection problems with the box? It is super slow and always falls through. Would be very grateful on some tips how to improve the connection, as it is getting annoying.

Disregard that :slight_smile: Should have googled a bit harder regarding vpn issues.

rooted, but no idea with the s*** service, people said there is an enum, but seems not work

user: ml and ha also works

Finally rooted this machine. The user flag was easy. But boy did the root kick my ■■■. Should have been studying today but instead spent the entire day trying to root this machine! Managed to get it just as I was going bed so I will sleep very peacefully tonight!

Root hint:
Look for a program around this exploit on the web. It’s dirty wink wink.

The program doesn’t work. You’ll need to extract something from it and figure out what to do with it after that. Once you’ve figured out what to do with it, just log in…

On a second note. Email me if you need help. I know you can wait until it’s retired and find out, but it’s also good for you to find out and learn.

Is anyone finding something strange going on with this box? I started it a few days ago and found a D***** installation - however when I look now I can’t see a
Drupal installation but I can see a W******** installation. I have tried resetting the box but it is still the same?