Revolution

About

Username
Revolution
Joined
Visits
257
Last Active
Roles
Member

Comments

  • Rooted. Thanks @lonewolf and @picaro for the hints. There are many hints in this topic, especially for the user ... so I am going to nudge especially for root: The way to get root is to use a similar type of vuln as the one you used to get the user…
    in Jarvis Comment by Revolution June 2019
  • Type your comment> @hoodedfigure said: (Quote) Seriously, I don't know if I am stupid or something, but I cannot understand. The encapsulation technique is something that I found out by myself, without the need of this link, but other than that …
    in Jarvis Comment by Revolution June 2019
  • Type your comment> @hoodedfigure said: (Quote) Been there, but after finding a way to leverage the script for my own benefit, I get the same permissions (obviously). SUID/GUID files do not help either.
    in Jarvis Comment by Revolution June 2019
  • I got the names of the two creators of this challenge, but I wasted 4 hours of my life not being able to understand what the flag is supposed to be. I tried EVERYTHING. I tried to enter the flag alone, to enter it as a hex and even to enter differen…
  • Rooted. Thanks @drywaterv2 for your encouragement to watch carefully the service. To be honest, when I was somewhere in the middle of acquiring the user flag, I was quite frustrated. The reason is that I hate CTF-like boxes, and to be honest the wh…
    in Chaos Comment by Revolution January 2019
  • I decrypted the file, I found the p*f service, but I cannot get the RCE. I am using Postman for my requests, and the only thing I get is the annoying "Error, wr**g da*a" message. Even with the default template. Any non-spoilery hints ?
    in Chaos Comment by Revolution January 2019
  • I am stuck. I am user n*****, and I found the SS* credentials of the user m****** but the problem is that I cannot login using those credentials (I tried using the famous metasploit module that helped me login to the user n***** as well). Probably t…
  • (Quote) You are welcome, I am happy that you found your way out! :)
  • (Quote) If you found something in the HTB format (e.g HTB{your_flag_here}) that means that you found the encoding; now, the only thing you need to do, is search for an alternative tool to decode it. Just google an other online decoder and you will b…
  • I am stuck at initial PrivEsc. I managed to login into the box using "Sm*Cli***t" without any creds, and I manage to get into two "sha***s". One is "Rep***cat***n" (in which I found several folders but no files) and the…
  • I have found the secret flag, but when I go and submit it, I just can't, it says that the flag is wrong. The fact that the flag has the format that HackTheBox is asking and also that it makes sense (I mean the text of the actual flag) makes it super…
  • I just rooted the box. Holy sh*t, I went to all rabbit holes during the final privesc, when the solution was practically in front of my eyes. Feel free to PM me if you need any spoiler-free hints.
  • I cannot even get a user on this. I already have wasted 5 days, and I have not get the user flag yet. Reading the posts from this topic, I understand that I have to find a secret page that will help me upload my payload. I tried with wfuzz and dirbu…
    in Bounty Comment by Revolution August 2018
  • I am trying to get a shell on this box, but I have issues. I found an exploit that could potentially execute shellcode for me, but it requires FTP to be open. The problem is that zenmap says that this port is closed, and if I try to connect "ma…
    in Bounty Comment by Revolution July 2018
  • *Spoiler Removed - Arrexel*
    in Poison Comment by Revolution July 2018
  • (Quote) Yes it is.
  • After I took 4 hours of my life, and threw them into the bin I would like to say something for this challenge, now that I found the correct answer. In previous answers on this thread some people said that you may need to modify the script in order t…
  • Enumeration my friend .... I know that it may sound irritating, but this is the key to find your way up to root. Try famous enumeration scripts (some of them are mentioned in the "official" Nibbles forum topic), and you will immediately un…
  • (Quote) I had the same issue with the shell, but I managed to complete the challenge. I just had to wait a bit in order to run the code. P.S If you are sure that what you are doing is the right thing but it does not work, take a good break and re-c…
    in NIbbles Comment by Revolution June 2018
  • With a hint from a friend, after 8 hours I managed to get the admin credentials and get a shell. Now the problem is that I used the search command of the meterpreter, and also the find command of the linux shell in very directory that I have access,…
    in NIbbles Comment by Revolution June 2018
  • It seems that I am the biggest noob, since I cannot find even the login page. So far, I managed to find the "hidden" site, and also find the "hidden" folders like: boot. I even found a folder with a file named login, but I cannoy…
    in NIbbles Comment by Revolution June 2018
Avatar

Howdy, Stranger!

Click here to create an account.