Never seen this method of authentication before and Google isn’t being very handy. /keys
is not directly accessible. Not sure how to generate this self signed or if this is even the way forward.
Update: Foothold is new to me, the issue gives you the information, but isn’t specific - check against the files in the G**B****T
User: Enumeration and reading documentation
Root: Self explanatory
user l**s is a rabbithole?
Just got root.
Seemed really easy for a medium box.
Foothold: An issue may help you.
User: Enumerate.
Root: Pretty much the first thing you do after getting user will get you root easily.
s1gh
July 11, 2021, 11:51am
5
Finally rooted.
All in all a fun machine. Learned something new as well!
Any help for ae p *k to get user ?
Rooted it!! feel free to PM
Finally rooted! Great box, very interesting foothold
R4hn1
July 11, 2021, 5:47pm
11
Rooted!!
Easy Machine at the Level of medium.
Feel free to ping me if any help required.
Stuck at user…> @openwan said:
Any help for ae p *k to get user ?
Stuck at the same place… Any hints ?
Type your comment> @kavigihan said:
Stuck at user…> @openwan said:
Any help for ae p *k to get user ?
Stuck at the same place… Any hints ?
Make sure to take a really close look at the ***.y*l
file!
I made my own one tested it. It worked. Now struggling with how to replace the /t/bac **/**/ . file with my own one.> @coldBug said:
Type your comment> @kavigihan said:
Stuck at user…> @openwan said:
Any help for ae p *k to get user ?
Stuck at the same place… Any hints ?
Make sure to take a really close look at the ***.y*l
file!
I made my own one tested it. It worked. Got a shell as t**t .Now struggling with how to replace the /t/bac /**/ . file with my own one .
Type your comment> @coldBug said:
Type your comment> @kavigihan said:
Stuck at user…> @openwan said:
Any help for ae p *k to get user ?
Stuck at the same place… Any hints ?
Make sure to take a really close look at the ***.y*l
file!
Thanks, this was really helpful!
Finally rooted. Well, I was such an idiot. I tried to go for root before going for user. Hope these hints will help you a bit.
Foothole
If you see an inverse there is always a reverse.
Just do the right search and acunetix.**m will give you what you need
User
Put the ‘peas’ in and enumerate.
If you can’t see a file directly there are indirect methods as well.
Root
That’s is too obvious
Google what you don’t know
If you get stuck. Just hit me up
Type your comment> @kavigihan said:
Finally rooted. Well, I was such an idiot. I tried to go for root before going for user. Hope these hints will help you a bit.
Foothole
If you see an inverse there is always a reverse.
Just do the right search and acunetix.**m will give you what you need
User
Put the ‘peas’ in and enumerate.
If you can’t see a file directly there are indirect methods as well.
Root
That’s is too obvious
Google what you don’t know
If you get stuck. Just hit me up
Thanks, sent. you a DM.
After hours spent on this box, I finally managed to root it! I learned a ton from this.
Foothold: Don’t be afraid to shake things up a bit with a classic vulnerability.
User: Sometimes taking a peak at what’s going on under the hood can give you ideas.
Root. Super easy. Google what you don’t know.
Message me if you need a nudge.
ROOTED.
Fun box, inital foothold takes a little nginx knowledge but easy going after that.
DM me for a nudge
Foothold: Read up about nginx bugs
User: Enumeration and research is key
Root: Piece of cake, very easy
ROOTED. Fairly easy box for a medium have done harder easy boxes.
Plenty of good clues here already.
![Foalma321] (https://www.hackthebox.eu/badge/image/74636 )
Felt like that was a good box for a medium.