Official BountyHunter Discussion

I’m stuck at the very beginning. Any help?

Nice and easy box. I would recommend this to beginners who are starting at HTB.
Hints:
User: what you have (enumerated) will be needed once you get the vul.
Root: You know what you have to do (mostly) when you have the SSH of an easy box.
Read it, understand it, get the root flag.
Discord - luckythandel#6053

I feel like I’m blowin’ in on all nmap scans thus far. I’m getting nothing useful from them. As to the WASP comments, I see what could be a “thing”, but thus far haven’t been able to get any “thing” to work. burps.

root@bountyhunter:~# id
uid=0(root) gid=0(root) groups=0(root)

thx!

Where are the server files on the machine?

Hello, I’m stuck. I found a vulnerability. I have read the database configuration file and the classic /passwd, but now I’m stuck. Some advice?

@hum4N3rd said:

Hello, I’m stuck. I found a vulnerability. I have read the database configuration file and the classic /passwd, but now I’m stuck. Some advice?

Sent you a message

This was a fun beginner box for me. Reminded me I need to enumerate more and was good exposure to an attack vector I haven’t gotten to play with yet.

User:
Good enumeration will give you most of what you need. The attack vector could be a little tricky if it’s your first time, but googling cheat sheets will help.

Root:
Pretty easy to figure out what needs to be done as the instructions are very clear. The implementation can be tricky but google and trial and error are enough to get it done.

Feel free to PM for nudge

Rooted !

Very much interesting machine with something that we don’t usually exploit …

DM me for nudges

I don’t have any idea for root. I found and read the code but can’t get any further. Is there any website or idea that is related to this coding? I think it has to be something with the irregularities, right?

@DemChuck said:

I don’t have any idea for root. I found and read the code but can’t get any further. Is there any website or idea that is related to this coding? I think it has to be something with the irregularities, right?

check the functions which are used…

Spoiler Removed

I know the vuln, but can’t seem to figure out the absolute path to the database config file. Can anyone help me out?

Spoiler Removed

Rooted :)
If you have any questions, PM me for nudges.

@benjamin2000 said:

I know the vuln, but can’t seem to figure out the absolute path to the database config file. Can anyone help me out?

Sent you a PM

Hi, have trouble finding the database base path. Nudge anyone?

Can’t seem to find the right path for the db config file. Tried what I can find through Google but nothing is coming back? Nudge?

Very bad question here. Do I need a VIP subscription to connect? I am able to spawn my own virtual instance, but cannot ping it. Also cannot connect to the release****.vpn…
Am willing to go VIP, just did not need until now.

Apologies for the waste of time, appreciate some advice nevertheless.

@mrenus said:

Very bad question here. Do I need a VIP subscription to connect?

In theory no. On the access page there are a range of VPNs to pick from.

Go to Login :: Hack The Box :: Penetration Testing Labs and select “Free” then download the VPN connection pack.

I am able to spawn my own virtual instance, but cannot ping it. Also cannot connect to the release****.vpn…

I don’t know enough about the release VPNs sorry. I didn’t think you needed to be VIP to use it though.

Am willing to go VIP, just did not need until now.

Apologies for the waste of time, appreciate some advice nevertheless.