alemusix

About

Username
alemusix
Joined
Visits
905
Last Active
Roles
Member

Comments

  • If you managed to s** as j**** try to list user permission. The priv esc steps are quite straight forward tbh
  • Have a look in the s** auth**********s and see what's preventing you from using what you've recovered
  • The backtick is used to execute command. In a terminal `command` is the equivalent of $(command). Double and single quote are used to pass input as string
  • Type your comment> @realslimsudo said: > Type your comment> @s0n0fMrN0b0dy said: > > I have reverse shell, I found the d* creds but m*** wont connect. It just hangs there and does nothing. Wrong creds give error, so I am not sure if…
  • Type your comment> @limeeattack said: > I have a foothold and ssh access to the s****i user, but I'm having trouble escalating to the d*******r or r**t user. I found the admin hash in the database, but I feel like this is a rabbit hole. &g…
  • Rooted, nice box! Foothold/user: Enumerate well because this could save you time! Because I haven't look thoroughly what I had in front of me I wasted lot of time (had some hard times using w***z and choosing the right w***l**t). You'll discove…
  • What a nice box it was! It took me some days but eventually I rooted thanks also to the hidden hints in the forum. Foothold: Enumeration+top10 OWASP most common issues will lead you to a new place. The Enumeration step is critical to understand wha…
  • Fun box! Foothold: can't really trust browsers these days, you need to look beyond. Find the weak link and abuse it, beware of rabbit holes! User: if you've enumerated correctly in the first step you should have the necessary to retrieve good s…
  • Nice medium box! Foothold: enumeration will help you recover something useful that will point you in the right direction. Analyze carefully what you have, if you can't access from the main door try a secondary (googling will help understand how you…
  • What a unique box it is! For me was actually an hard box, given my lack of knowledge of AD User: basic enumeration + the use of a specific tool will lead you to the first flag. Root: As I state before, the uniqueness of the box is that you're never…
  • Finally rooted. Foothold/user: Spent more time than I should have. Classic enumeration pointed me in the right direction but struggled with the exploit, since I was not using the proper filtered payload. You should use the exploit to access the …
  • Rooted Foothold/User: enumerate service discovered. Root: traceback to initial enumeration and try to go trough the tunnel, eventually you'll reach the finish line. Thanks for the box!
  • Rooted! Foothold: Google how the endpoint works and understand how can you exploit User: recover all informations, but pay attention why something is not working (recall the main theme of the box). Enumerate enumerate enumerate. Root: at this point …
  • Rooted Foothold/user: everything you need is in front of you, remember to count as a machine and not as human! Root: very classic enumeration (the name of the box gives it away) Thanks for the box!
  • Rooted. Foothold/user: analyze carefully what is in front of you. A specific issue will allow you to do nice stuff that will help you "secretly" recover something. Iterate this issue and finally you'll land on target. Root: enumeration is…
  • Finally rooted. This honestly felt like and insane box to me Foothold: Look out for the rabbit holes. Keep enumerate and climb the chain. User: If you really want to attend the show you must have the ticket! Root: At this point you should have unde…
  • Rooted nice little box. Foothold/User: check everything don't leave any stone unturned. Eventually you'll find the crack in the system Root: basic enumeration Thanks for the box!
  • Finally rooted. This was an interesting box because it pushed me to study a protocol that honestly I know too little. Foothold/User: The big hint was in the twitter account of HTB. Once you understand what the main purpose of the box is, enumerate …
  • Finally root, this took me a lot of effort I'm sure who is familiar with technology involved can solve the box with less trouble than I had. Foothold/User: analyze carefully what you have and extract useful informations. At some point with enumerat…
  • Rooted, it was a fun easybox! Foothold/User: read carefully output from initial enumeration. After you understand what you can do, be curios to see where you can look into. When you arrive in a certain place the steps to gain access to box are simp…
  • Rooted. Another challenging box! Foothold: enumeration will guide you into the right direction. You'll need to gather all possible information you can. After moved into other places, again enumeration and google will allow you to gain foot into the…
  • Finally rooted. What a ride! This was my first hard machine, I learned a lot. Foothold: Need to familiarize with the term "Breadcrumbs". Enumeration is vital, you'll understand piece by piece what you have in front and eventually you will…
  • Type your comment> @linuxfan said: (Quote) Try connecting to classical lab VPN. Atom IP is 10.10.10.237 I had issued spawning the machine in the release arena vpn
  • Rooted nice box! Foothold: Enumeration is crucial. Don't overlook different kind of enumeration, eventually you'll land in the right place. Read carefully all messages so you can "steal" the opportunity to to something evil. With the help…
  • Found an hash but can't crack. Is this the right path for getting user j***e? Edit: managed to crack with j was using h**c*t. Got user.
  • Got user, tonight I'll try to root the box. I was doing everything correctly but a little dumb mistake that blocked me for like 12 hours. P.S. I'm using lab vpn and not release arena because I can't spawn the machine there (IP 10.10.10.237) Edit: r…
  • Rooted, this was quite an hard box for me, and taught me a lot since I had no knowledge of service beneath. Foothold: look at what you have, read everything both in "front" and in the "back" and enumerate accordingly. Once you h…
  • Type your comment> @iamshaleen said: (Quote) Are you sure you really are root?
  • Rooted, this was quite a simple box to be honest, maybe because recently I did an easy box using same approach Foothold: Enumerate what you've found, and understand versioning. Search for vulnerabilites. There are several tools in the Web, personal…
  • Rooted. Nice box. Foothold: This was the part I struggled the most as you clearlt found THE clue but it's not clear (at least for me) how to use. Finally try to understand how you may unlock hidden places. After you've arrived in the right place do…
Avatar

Howdy, Stranger!

Click here to create an account.