Official Love Discussion

@rancilio thanks bro for help…i was totally ignoring s**f…

Rooted!! Fun Box

stuck on getting the foothold. I tried gobuster and nothing pops out at me. Am I chasing the wrong attack point?

Type your comment> @cutterslim said:

stuck on getting the foothold. I tried gobuster and nothing pops out at me. Am I chasing the wrong attack point?

Yes. You don’t need Gobuster or any brute force for that matter. Look at your nmap as stated above and try to think what other enumerations you could with the ports and services given.

C4rm3l0

Type your comment> @C4rm3l0 said:

Type your comment> @cutterslim said:

stuck on getting the foothold. I tried gobuster and nothing pops out at me. Am I chasing the wrong attack point?

Yes. You don’t need Gobuster or any brute force for that matter. Look at your nmap as stated above and try to think what other enumerations you could with the ports and services given.

I saw something for the SMB version, but I after reading the exploit, it looks like something I would need to use to escalate priv’s to root after I’ve gotten the foothold

Type your comment> @cutterslim said:

Type your comment> @C4rm3l0 said:

Type your comment> @cutterslim said:

stuck on getting the foothold. I tried gobuster and nothing pops out at me. Am I chasing the wrong attack point?

Yes. You don’t need Gobuster or any brute force for that matter. Look at your nmap as stated above and try to think what other enumerations you could with the ports and services given.

I saw something for the SMB version, but I after reading the exploit, it looks like something I would need to use to escalate priv’s to root after I’ve gotten the foothold

You’re not looking for a ready exploit just yet. Try enumerating some more, it will click at some point. Otherwise you can always DM for a more specific nudge.

C4rm3l0

Is there anyone having issues with the shell? Every time I am getting a shell and the box will be unreachable. I know how to escalate, after many attempts to run the priv checks, but the user shell is unstable.

Type your comment> @joeldejo said:

Is there anyone having issues with the shell? Every time I am getting a shell and the box will be unreachable. I know how to escalate, after many attempts to run the priv checks, but the user shell is unstable.

There are a multitude of ways to get a decent shell, the easiest is create a php msfvenom payload for a meterpreter session then upgrade it to a decent one or just a decent php shell that will work on a multitude of systems there a mini one on github thats very good.DM me if you need more info.
![Foalma321] (https://www.hackthebox.eu/badge/image/74636)

C:\Users\Administrator\Desktop>whoami
whoami
nt authority\system

Rooted. One shell script worked better than the other two for stability. Was a fun box, figuring out the user part was frustrating because of where it is - like literally right there.

Type your comment> @foalma321 said:

Type your comment> @joeldejo said:

Is there anyone having issues with the shell? Every time I am getting a shell and the box will be unreachable. I know how to escalate, after many attempts to run the priv checks, but the user shell is unstable.

There are a multitude of ways to get a decent shell, the easiest is create a php msfvenom payload for a meterpreter session then upgrade it to a decent one or just a decent php shell that will work on a multitude of systems there a mini one on Github that’s very good.DM me if you need more info.
![Foalma321] (https://www.hackthebox.eu/badge/image/74636)

I managed to get the SYSTEM, I was using a mini one, which worked well but the problem was sometimes I have to wait for a long time to receive a response, I thought the shell was broken but later I figured out it was not broken it will take time. msfvenom raw PHP shell was not successful for me.

Type your comment> @joeldejo said:

Type your comment> @foalma321 said:

Type your comment> @joeldejo said:

Is there anyone having issues with the shell? Every time I am getting a shell and the box will be unreachable. I know how to escalate, after many attempts to run the priv checks, but the user shell is unstable.

There are a multitude of ways to get a decent shell, the easiest is create a php msfvenom payload for a meterpreter session then upgrade it to a decent one or just a decent php shell that will work on a multitude of systems there a mini one on Github that’s very good.DM me if you need more info.
![Foalma321] (https://www.hackthebox.eu/badge/image/74636)

I managed to get the SYSTEM, I was using a mini one, which worked well but the problem was sometimes I have to wait for a long time to receive a response, I thought the shell was broken but later I figured out it was not broken it will take time. msfvenom raw PHP shell was not successful for me.

Nice one. I used a php/meterpreter/reverse_tcp one and upgraded to a decent met shell once on the box or a php/download_exec one to install a msfvenom created exe.
![Foalma321] (https://www.hackthebox.eu/badge/image/74636)

I cant seem to get the s*******n w**e to load no matter what. Reset the machine, vpn, can ping it no prob, reran nmap numerous times to clarify I wasn’t missing some l337 speak or something dumb, to no avail… Hs is configured correctly and all as well. perhaps something obvious I’m missing? I’m all ears. Well, I have a body too but I am willing to hear suggestions. };-|]

Can anyone help me with the foothold ? . I’m kinda stuck

I can’t seem to access this machine anymore and the Release Arena machine has changed. The ip address is now 10.10.10.239 . Does this mean I need to buy a subscription in order to continue to work on it?

@cutterslim said:
I can’t seem to access this machine anymore and the Release Arena machine has changed. The ip address is now 10.10.10.239 . Does this mean I need to buy a subscription in order to continue to work on it?

you need to choose the right VPN package

Type your comment> @Doncrek said:

@cutterslim said:
I can’t seem to access this machine anymore and the Release Arena machine has changed. The ip address is now 10.10.10.239 . Does this mean I need to buy a subscription in order to continue to work on it?

you need to choose the right VPN package

I switched to a lab vpn, got a different ip address and still can’t reach 10.10.10.239. Is there a different vpn package I should be using?

@cutterslim said:
Type your comment> @Doncrek said:

@cutterslim said:
I can’t seem to access this machine anymore and the Release Arena machine has changed. The ip address is now 10.10.10.239 . Does this mean I need to buy a subscription in order to continue to work on it?

you need to choose the right VPN package

I switched to a lab vpn, got a different ip address and still can’t reach 10.10.10.239. Is there a different vpn package I should be using?

yes it’s lab VPN , are you sure you’re connected to the VPN ? check ifconfig tun0 ?

@quangvo said:
Can anyone help me with the foothold ? . I’m kinda stuck

reach me out so I can give you some nudges

Type your comment> @Doncrek said:

@cutterslim said:
Type your comment> @Doncrek said:

@cutterslim said:
I can’t seem to access this machine anymore and the Release Arena machine has changed. The ip address is now 10.10.10.239 . Does this mean I need to buy a subscription in order to continue to work on it?

you need to choose the right VPN package

I switched to a lab vpn, got a different ip address and still can’t reach 10.10.10.239. Is there a different vpn package I should be using?

yes it’s lab VPN , are you sure you’re connected to the VPN ? check ifconfig tun0 ?

nevermind, i restarted kali machine, and now i can reach Love again