I know that I probably shouldn’t even ask for advice and do the ■■■■ thing already, but I keep seeing nudges all over the thread and some of them are pretty much kinda contradicting each other.
UPDATE: Look it up on Google. Don’t ignore the thing you don’t know how to use, if there’s such a thing.> @AlwaysLivid said:
Any leads on the thing after log*******?
I know that I probably shouldn’t even ask for advice and do the ■■■■ thing already, but I keep seeing nudges all over the thread and some of them are pretty much kinda contradicting each other.
UPDATE: Look it up on Google. Don’t ignore the thing you don’t know about, because this is pretty much the key to the thing you exactly need. Won’t take more than 5 minutes of research if you know exactly what you’re looking for, trust me.
I learned what i am capable of. Though, need any educational hints. Stuck here.
edit: got root. For priv esc part. You really need to know what you are capable of.
I just reached root flag. Can anyone pm me about how to get root shell ?
Can anyone PM me to give me a nudge on how to escape the jail? I’ve got the user flag already and enumerated the environment I’m in (n****** user), but I’m not seeing a way to escape.
Could anyone PM me regarding the initial foothold? I am stuck in getting out of “jail”. I’ve tried numerous fuzzers without luck. I’ve also read the article referenced here quite a bit but I am still unable to get it. Any tips would be MUCH appreciated!
This box ate up a good part of my last two days. The initial foothold is simple enough if you know how to use BS. The privesc was a roller-coaster. I have root.txt (hint: check for file capabilities as others have mentioned) but still no shell yet. Crons and log******* seem like dead ends. Spoiler Removed - Arrexel
Not a web cat, so struggling with the initial foothold. Playing with BS and parameters, but not getting much traction. I’ve read the articles mentioned so have a decent understanding of what I’m trying to do. Figuring I am overthinking it. Any tips?
You can bypass a little something something by just using a new something something. One of the text editors is MUCH more useful than you think, read the man pages.
You need to look for something that’s actually capable of accessing the target, /DON’T/ waste your time on the decoy, because it’s as forcing a rabbit to ride a bicycle. (I tried to get the poor metaphorical rabbit to ride the bicycle for like 4 hours in total instead of actually following the slogan of the website and thinking outside the box.)
Looking into what all the files in your disposal can do is your friend.
I learned an amazing rshell bypass technique.
That’s all I’ll drop, because I think that I dropped way too much.
Shoutout to @wirepigeon, @Pazanate (in HTB) and @Hrafnskogr.
Hi, can someone please help me. I escaped the jail and now I am fully stuck. I believe i have checked file capabilities. But i really don’t know what to do. Please can someone pm me?