Official Seal Discussion

Never seen this method of authentication before and Google isn’t being very handy. /keys is not directly accessible. Not sure how to generate this self signed or if this is even the way forward.

Update: Foothold is new to me, the issue gives you the information, but isn’t specific - check against the files in the G**B****T

User: Enumeration and reading documentation

Root: Self explanatory

user l**s is a rabbithole?

Just got root.
Seemed really easy for a medium box.

Foothold: An issue may help you.
User: Enumerate.
Root: Pretty much the first thing you do after getting user will get you root easily.

Finally rooted.
All in all a fun machine. Learned something new as well! :slight_smile:

Any help for ae p*k to get user ?

Rooted it!! feel free to PM

Finally rooted! Great box, very interesting foothold

Finally rooted!

Rooted! At last…

Rooted!!
Easy Machine at the Level of medium.

Feel free to ping me if any help required.

Stuck at user…> @openwan said:

Any help for ae p*k to get user ?

Stuck at the same place… Any hints ?

Type your comment> @kavigihan said:

Stuck at user…> @openwan said:

Any help for ae p*k to get user ?

Stuck at the same place… Any hints ?

Make sure to take a really close look at the ***.y*l file!

I made my own one tested it. It worked. Now struggling with how to replace the /t/bac**/**/. file with my own one.> @coldBug said:

Type your comment> @kavigihan said:

Stuck at user…> @openwan said:

Any help for ae p*k to get user ?

Stuck at the same place… Any hints ?

Make sure to take a really close look at the ***.y*l file!

I made my own one tested it. It worked. Got a shell as t**t .Now struggling with how to replace the /t/bac/**/. file with my own one .

Type your comment> @coldBug said:

Type your comment> @kavigihan said:

Stuck at user…> @openwan said:

Any help for ae p*k to get user ?

Stuck at the same place… Any hints ?

Make sure to take a really close look at the ***.y*l file!

Thanks, this was really helpful!

Finally rooted. Well, I was such an idiot. I tried to go for root before going for user. Hope these hints will help you a bit.

Foothole
If you see an inverse there is always a reverse.
Just do the right search and acunetix.**m will give you what you need

User
Put the ‘peas’ in and enumerate.
If you can’t see a file directly there are indirect methods as well.

Root
That’s is too obvious
Google what you don’t know

If you get stuck. Just hit me up

Type your comment> @kavigihan said:

Finally rooted. Well, I was such an idiot. I tried to go for root before going for user. Hope these hints will help you a bit.

Foothole
If you see an inverse there is always a reverse.
Just do the right search and acunetix.**m will give you what you need

User
Put the ‘peas’ in and enumerate.
If you can’t see a file directly there are indirect methods as well.

Root
That’s is too obvious
Google what you don’t know

If you get stuck. Just hit me up

Thanks, sent. you a DM.

After hours spent on this box, I finally managed to root it! I learned a ton from this.

Foothold: Don’t be afraid to shake things up a bit with a classic vulnerability.
User: Sometimes taking a peak at what’s going on under the hood can give you ideas.
Root. Super easy. Google what you don’t know.

Message me if you need a nudge.

ROOTED.

Fun box, inital foothold takes a little nginx knowledge but easy going after that.
DM me for a nudge

Foothold: Read up about nginx bugs
User: Enumeration and research is key
Root: Piece of cake, very easy

ROOTED. Fairly easy box for a medium have done harder easy boxes.
Plenty of good clues here already.
![Foalma321] (https://www.hackthebox.eu/badge/image/74636)

Felt like that was a good box for a medium.