Official Knife Discussion

Rooted! Lots of good hints on this thread but Iā€™ll leave my two cents.

Foothold: Something I always see but never have had to check until now.

Root: Maybe something in the help menu can help you?

DM me for a nudge :slight_smile:

Quite a fun box. Very recent exploits so it was impressive that HTB were able to build and deploy this so quickly.

Fun box, easy though, but fun! Thanks to the makers. DM me if you need help.

Rooted

Foothold was easy for me
Root wasnā€™t as straight forward as for you. Iā€™ve been trying for an hour until I finally got it.
My tip is, read what the program can do. What you have to use is pretty straight forward. Just make sure you use the correct language!

rooted
PM for help

Done.

User: Versions versions versions

Some dudes are modifying code of other dudes and leave backdoor :joy:

Root:
Only 1 line and not more than 40 symbols (max) is needed for root :wink:

PM for hints

Not a hard one, but that can be long for a newbieā€¦ a few research, donā€™t look to far, the path is not so deep.

A fun one.

Quiet easy machine, actually for User is just following recent news (GOOGLE) and check everything the app tell you.

Root: just RTFM.

for some reason iā€™m not able to get a reverse shell. tried the oneliners and tried upload shell files in to the target machine the request doesnā€™t reach my python webserver. but still ping worksā€¦ Any suggeestions?

@D3adsh0t said:

for some reason iā€™m not able to get a reverse shell. tried the oneliners and tried upload shell files in to the target machine the request doesnā€™t reach my python webserver. but still ping worksā€¦ Any suggeestions?

It depends on how you are trying to exploit it. At a guess, Iā€™d say check how the quotation is set. If you are trying to send a one-liner by the command line, there might be lots of quotes needed, check how they are nested.

ā– ā– ā– ā– , this was a nice easy box. Got a lil bit confused at the foothold part but still it was interesting.

Any hints getting a full TTY shell? Tried everything I can find, not getting any hits.

Rooted, DM if u need help

Hi. I got remote command injection with the exploit . Trying to get full tty shell with it. Having issues with netcat arguments. Canā€™t get the rest of the argument to work ā€œ-e /bin/bashā€ even with . netcat command works fine without out it but know bash shell.

I have been able to get a user flag but i am struggling with root flagā€¦ i have been able to find the ///***fe which can be exploited for privesc but i donā€™t know how to use if

Someone should please give me a nudge to the right direction

@fynboi said:

I have been able to get a user flag but i am struggling with root flagā€¦ i have been able to find the ///***fe which can be exploited for privesc but i donā€™t know how to use if

Someone should please give me a nudge to the right direction

Have a look at what it really is. It can run something you can create. The thing you can create can give you root.

Nice machine, got root flag in quite ā€œwierdā€ way in a error message but manage to finally get root shell as well.
feel free to Dm if u need a hint

as a newbie, this machine wasnt as easy as it seem to most people but thanks to TazWake I have finally been able to root the machine

Spoiler Removed

@kshitizkr6003 said:

Message me on instagram ( ) i will provide a link to a writeup

Writeups on active machines are prohibited by HTB rules.