Rooted! Lots of good hints on this thread but Iāll leave my two cents.
Foothold: Something I always see but never have had to check until now.
Root: Maybe something in the help menu can help you?
DM me for a nudge
Rooted! Lots of good hints on this thread but Iāll leave my two cents.
Foothold: Something I always see but never have had to check until now.
Root: Maybe something in the help menu can help you?
DM me for a nudge
Quite a fun box. Very recent exploits so it was impressive that HTB were able to build and deploy this so quickly.
Fun box, easy though, but fun! Thanks to the makers. DM me if you need help.
Rooted
Foothold was easy for me
Root wasnāt as straight forward as for you. Iāve been trying for an hour until I finally got it.
My tip is, read what the program can do. What you have to use is pretty straight forward. Just make sure you use the correct language!
rooted
PM for help
Done.
User: Versions versions versions
Some dudes are modifying code of other dudes and leave backdoor
Root:
Only 1 line and not more than 40 symbols (max) is needed for root
PM for hints
Not a hard one, but that can be long for a newbieā¦ a few research, donāt look to far, the path is not so deep.
A fun one.
Quiet easy machine, actually for User is just following recent news (GOOGLE) and check everything the app tell you.
Root: just RTFM.
for some reason iām not able to get a reverse shell. tried the oneliners and tried upload shell files in to the target machine the request doesnāt reach my python webserver. but still ping worksā¦ Any suggeestions?
@D3adsh0t said:
for some reason iām not able to get a reverse shell. tried the oneliners and tried upload shell files in to the target machine the request doesnāt reach my python webserver. but still ping worksā¦ Any suggeestions?
It depends on how you are trying to exploit it. At a guess, Iād say check how the quotation is set. If you are trying to send a one-liner by the command line, there might be lots of quotes needed, check how they are nested.
ā ā ā ā , this was a nice easy box. Got a lil bit confused at the foothold part but still it was interesting.
Any hints getting a full TTY shell? Tried everything I can find, not getting any hits.
Rooted, DM if u need help
Hi. I got remote command injection with the exploit . Trying to get full tty shell with it. Having issues with netcat arguments. Canāt get the rest of the argument to work ā-e /bin/bashā even with . netcat command works fine without out it but know bash shell.
I have been able to get a user flag but i am struggling with root flagā¦ i have been able to find the ///***fe which can be exploited for privesc but i donāt know how to use if
Someone should please give me a nudge to the right direction
@fynboi said:
I have been able to get a user flag but i am struggling with root flagā¦ i have been able to find the ///***fe which can be exploited for privesc but i donāt know how to use if
Someone should please give me a nudge to the right direction
Have a look at what it really is. It can run something you can create. The thing you can create can give you root.
Nice machine, got root flag in quite āwierdā way in a error message but manage to finally get root shell as well.
feel free to Dm if u need a hint
as a newbie, this machine wasnt as easy as it seem to most people but thanks to TazWake I have finally been able to root the machine
Spoiler Removed
@kshitizkr6003 said:
Message me on instagram ( ) i will provide a link to a writeup
Writeups on active machines are prohibited by HTB rules.