PTD

Anyone wanting hints : Please don't expect walk-through's. I no longer have the time or the patience to hold someones hand if they cant be bothered to do basic enumeration. Show me what you have tried and evidence of enumeration, then I'll give you a hint

About

Username
PTD
Joined
Visits
2,063
Last Active
Roles
Member

Comments

  • Figured it out. needed to catch up on my regex skills
    in Haystack Comment by PTD August 2019
  • Been a way for a while, came back and gave haystack a go So everything up untill that very last step is fairly straight forward found 3 files, know exactly what to edit and where. but for groks sake i cant seem to get that last step working ! Any…
    in Haystack Comment by PTD August 2019
  • And rooted Just a couple things. 1 - The hint that says "think like a user". I still don't understand the relevance 2 - Deleting necessary files is just dumb. Make a backup instead !!! User : I went for the "Old Backdoor" . …
    in LaCasaDePapel Comment by PTD April 2019
  • Trying to get my head around root - I know its something to do with "M*******D" but cant get the syntax quite right Got told to "think like a user" - which is of no help to me at all as i rarely ever have to deal with users :)
    in LaCasaDePapel Comment by PTD April 2019
  • So user was simple Root - potentially should be simple, got the command i need but missing something on the syntax (probably overlooking something glaringly obvious) Anyone about to go over some syntax ?
    in LaCasaDePapel Comment by PTD April 2019
  • Thats that one done and dusted I was clearly overthinking one specific step So there isn't a great deal i can add to this Enumerate well A retired machine that was mentioned will get you to the first part Impacket is an invaluable tool for this …
    in Querier Comment by PTD March 2019
  • Anyone about to cover some syntax ? - got the Giant Mushroom hint, but something isn't quite right and its starting to PS me off !
    in Querier Comment by PTD March 2019
  • Back from a short holiday and just nailed user ! to the author : Thank you ! A fairy realistic box for a change now on to root
    in Querier Comment by PTD March 2019
  • Type your comment> @WillIWas said: (Quote) feel free to PM
  • And done ! Everything you need is in this thread User : Enumerate and then enumerate again There are a few rabbit holes granted but if you keep digging you'll find what you need At the point of RCE - make sure your payload isn't too basic (cant …
  • Anyone about to go over some syntax ? I can see exactly what has to be done, its obvious but I'm missing a slash or a question mark i believe Edit - If an upload is too simple it wont register
  • Oh I'm quite aware it can be reset , as am i aware of where logs are stored - shouldn't have to keep resetting the box though due to some idiot. Either way, deleting files that are relevant to the box is a really shitty thing to do
    in Vault Comment by PTD February 2019
  • Edited I was stumped as to where this so called log file was - then i found out some idiot had deleted it. To the person who deleted said log - I hope you sit on a large cactus !
    in Vault Comment by PTD February 2019
  • Anyone about to go over the tunnel - got the IP addresses , ports, host-names etc - and remember doing this in poison but cant quite get it to work on this one !
    in Vault Comment by PTD February 2019
  • User : Dont take any notice of the error message Search for the software running - you should find an unauthorized exploit you may need to do a bit of time travelling as mentioned here Root : Tbh I disagree with those saying its blindingly ob…
  • so user was simple - but what the hell is this "easy enumeration" for root ? - Edited - Probably not a good idea rooting if your tired / had a long day - You'll easily overlook something shout out to clmtn :)
  • Got root + root shell Fairly straight forward Standard nmap enumeration Initial foothold Read whats in front of you clearly - specifically what runs on port 80 ! 1st user : The box name is a dead giveaway as to whats going on. Leverage your att…
    in Lightweight Comment by PTD January 2019
  • Heres a pearl of wisdom - you can use other languages other than php
    in Chaos Comment by PTD January 2019
  • I got to like this one as it progressed, though as a rule i don't generally care for CTF challenges New users may find this one fairly complex - as always enumerate and read this forum well, it has everything you need Seasoned HTB users - Just don…
    in Chaos Comment by PTD January 2019
  • Anyone available to checkover some code ? - don't want to give away spoilers here Got something to decrypt something , found something similar on google that, with a bit of alteration should do the job . Only issue is, its deleting the file or just…
    in Chaos Comment by PTD January 2019
  • Boshed this one on the head the other day, found a couple ways - one i think was a bit Dirty and not intended Anyone out there who got wild with this one care to PM me ? - as I said I've already got the flag, I'm just interested how you got it to w…
    in Teacher Comment by PTD December 2018
  • there isn't an interesting services as such - there is an integral service
    in Teacher Comment by PTD December 2018
  • anyone available to check some syntax ? Know the exact exploit for root - the "easy rider" video earlier in this thread is a dead giveaway Tested it on local machine, cant quite get it to execute on server
    in Teacher Comment by PTD December 2018
  • (Quote) Look closer , enumerate the whole site not just the source code In fact just looking closely at the website will show something is missing / not quite right
    in Teacher Comment by PTD December 2018
  • All the best one and all !
  • Got user - now onto root IF you are having issues with some things not authenticating, i found leaving it for an hour or so then doing a reset on the box helped. Initial Foothold - Step 1: its quite simple - enumerate the usual way. The school c…
    in Teacher Comment by PTD December 2018
  • Edited So that was weird. left it for an hour or so - went back to it and no more error message (had originally tried on free + VIP servers and got the same error on all)
    in Teacher Comment by PTD December 2018
  • Admins - Ignore / delete
    in Teacher Comment by PTD December 2018
  • so what is this so called "interesting service" - could do with a nudge unfortunately
    in Teacher Comment by PTD December 2018
  • so far so good - in via unprivileged user usual enumeration done, suid files, services etc - Apparently there is an "interesting service" running usual commands run to show all services - there is nothing that i would call interesting ru…
    in Teacher Comment by PTD December 2018
Avatar

Howdy, Stranger!

Click here to create an account.