unkn0wnsyst3m

About

Username
unkn0wnsyst3m
Joined
Visits
349
Last Active
Roles
Member

Comments

  • so ive only gotten the foothold so far, but my advice is to really really really understand how the folder structure works for the service you are exploiting. I spent 2 hrs on this and just realized I was looking in the a standard folder but when i…
  • this one was great - best hint i can give is too not try to assume any complexities regarding the "teacher-student" instructions. When you get near the end, just research your way to the finish. Great box!
  • htb teammates - need some help here. I follow the clues, found what i think is the right place to trick an unsuspecting target (based on the clues), i can successfully test it (so i know i catch what i need and i know it works) but the target doesn…
  • Interesting box, some hints: dont over complicate, keep it simple stupid priv esc is not really priv esc on the remote side - you'll tinker with local configs to get root
  • Nice machine to come back to htb with. Foothold: careful enumeration will help you discover the first tidbit, then always always always try to access new things that maybe you werent able to before User: Fairly straightforward, Find a way to exec…
  • Rooted! foothold + user: this part show the importance of writing down what you know and what you need; maybe you already have access to what you need... root: follow the hints
  • rooted - thanks @TazWake for that final nudge foothold - learn the cli, fairly simple actually once you find the correct cli methods user - your previous enum (done on every initial htb engagement) will find the hints and things you need for this ro…
  • Type your comment> @Raskul82 said: (Quote) if you have a foothold you already have the capability and access needed to get the user flag. what enum have you done? have you played around with the cli tools? did you do the typical dir discovery…
  • Type your comment> @l0w said: (Quote) is the php file a rabbit hole here? Seems that the tables are not appropriately set up for this script to work, also wondering why the local 8*** is even there is there isnt anything here.
  • can anyone give me a nudge here? I have the ability to upload, not execute, i get that i have to place a payload somewhere else, but cant figure out where else i have permissions/access to do this. I see people talk about "linking" the t…
  • got it, i must have overlooked it sigh....thanks!
  • Type your comment> @SovietBeast said: > Type your comment> @unkn0wnsyst3m said: > > (Quote) > @unkn0wnsyst3m b*** is a user, I wasn't sure if this was a spoiler or not so I mask it, but if you are struggling with cracking use…
  • Type your comment> @SovietBeast said: > Are user (b***) password crackable? I'm like 1h in rockyou and can't can't manage to crack it and I'm quite stuck on that > EDIT: > It is but right hash need to be bruteforced are there any h…
  • can i get a nudge on cracking the hashes? I found more than 2, having trouble getting the right dictionary for this. I am running hashcat and ran jtr both with the B* algorithm but it doesnt seem to be able to crack. I found the search engine bu…
  • Isnt it python3 http-server instead of http.server ? Also try to omit the port 80 and just run python3 -m http-server to run on the default port 8000 From your paste (and i dont remember the full behavior of that module) i see only ipv6 services r…
  • rooted. seems to me that medium boxes are easier than the easy ones...definitely like to be able to tinker with my payloads User: simple enum then google; you are more powerful than you think Root: Ehhh, root around the different folders user-inst…
  • @TazWake @b1narygl1tch i find that even the "useless messages" are still somewhat helpful. When i am strugging, I certainly take some solice in seeing that the people that solved these challenges quickly were very experienced so it makes…
  • glad to help!
  • alright so silly me looking through the man pages https://man.netbsd.org/NetBSD-9.0/**** Thanks @r0m4r10 @bw00lley for the support here, definitely was on the right track but routinely missed the critical nugget to show me the answer in my online r…
  • https://forum.hackthebox.eu/discussion/3998/looking-for-a-team-in-germany#latest
  • Type your comment> @bw00lley said: (Quote) haha can you hold my hand to pay it forward? lol to me the next logical step is to exploit a similar looking service but running with user perms...but it doesnt seem vulnerable (i feel like i have new …
  • can someone give me a nudge on the 'c' parameter? I understand the concept, i understand how to theoretically do it, just would like some help with the methodology used to discover it and to achieve the end result. thanks team!
  • (Quote) never mind, dangit!
  • rooted! Interesting box, full of frustrations... Foothold - exploit chain, can be done with a script if you know what the chain is and how to search it User - listen to your priv esc tools Root - typical priv esc research will find this thing, if …
  • For those not interested in trying harder than you need to (this is me for this one) you dont need an elaborate setup to get the exploit for your foothold to work....just find the right CVE and google.
  • ROOTED! Fun machine, learned about a new vulnerability today! Foothold - #@$&%&, examine the unique http responses you get back, not the top 2 web services out there...then look for a page/s consistent with that vuln to enable you to trigg…
  • Type your comment> @Gizmet said: (Quote) you are probably enumerating for a specific vulnerability that is not there. check the http responses for a hint and then find a page that behaves consistent to that vulnerability.
  • Type your comment> @rowra said: (Quote) I think this is a rabbit hole, but your thoughts are correct in looking for "keys"...suggest you run some linux CLI juju to find what you are looking for in an automated way. There certainly is …
  • Alright...I've been banging my head on a wall....did that for a few days, left, then decided to come back, banging on the same wall again. I've read all the posts in this thread and i am apparently seriously behind in my injection knowledge. peopl…
Avatar

Howdy, Stranger!

Click here to create an account.