Got user…tried gt** b*** way no luck…trying the d**** c** exploit now
Type your comment> @gackerboy said:
Stuck on user, found the m**** creds, but unable to get output from the service…a few people mentioned using the three headed beast on the other service so might try that. But pulling my hair out trying to conquer this m**** route. ughhh any help with that path is much appreciated
I seem to be stuck on user here.
The only route I can find is via m__ but that constantly failing to create a session, and I cant work out what it needs to do for a manual exploit.
Have I become target fixated and do I need to look elsewhere?
OK - it turned out my local port choice was the problem - when I used the default it worked…
Interesting box. Be sure to enumerate, enumerate, enumerate. DM me if you need any nudges.
rooted 
No need for the greek legend.
PM if you stuck.
Think I might be on the wrong track - does attempting to log in to the m***l service hang for anyone else?
yo did someone mess with the user hash or am i supposed to figure something out ???
hey guys, im stuck at root, the exploit that im using actually updates the service after usage, is it still rootable? what am I missing? thanks
edit: ok, so, I realised that i can craft my own exploit, on the install file, but i dont exacly know how to do it…
root is giving me so much problems ffs been stuck for hours.
Tried to use d****_s**k for privesc but the script doesn’t work.
im now trying to make a custom ***p with the tool **m but don’t know how to generate that ***p properly, too many options its driving me crazy…
Any help in DM pls? thank you guys.
Rooted.
The root part was not that hard but it took me quite a while to get user after the foothold.
For this machine you really can say: enumerate, enumerate, enumerate.
PM me if you accept hints from a beginner
I have a question (I’m noob).
I got the password with jn.
I had used hat before but failed. Was it possible to do this with ha**t?
Got root.
Did you all craft your own payload with s*** or did you copy the one you can google?
Just took a quick glance through the comments and didn’t see this anywhere. If your environment doesn’t support crafting, you can do everything you need to by booting a live Ubuntu Server ISO in another VM. Save yourself a world of trouble and time and don’t try to get it to work in Kali, just do it natively in Ubuntu and transfer the file.
I got user and root but HtB says they are not the right flags, any ideas??
Rooted successfully,
user is easy, just look for files properly, you will get the info
root is also easy if you follow the proper steps S*** privsec
DM for nudges
Do someone built the privilege escalation exploit from scratch following GTFObins on a Kali machine? Can I have a help?
I exploited the box some time ago with a “vanilla” process from GTFObins but now the same process does not work anymore -.-
Type your comment> @0xbro said:
Do someone built the privilege escalation exploit from scratch following GTFObins on a Kali machine? Can I have a help?
I exploited the box some time ago with a “vanilla” process from GTFObins but now the same process does not work anymore -.-
There was a suggestion earlier in this thread to build it in an Ubuntu VM as opposed to trying to get it to work with Kali.
This was a great box! Solid, real-life-scenario steps from foothold to user to root.
@routetehpacket said:
Type your comment> @0xbro said:Do someone built the privilege escalation exploit from scratch following GTFObins on a Kali machine? Can I have a help?
I exploited the box some time ago with a “vanilla” process from GTFObins but now the same process does not work anymore -.-There was a suggestion earlier in this thread to build it in an Ubuntu VM as opposed to trying to get it to work with Kali.
This was a great box! Solid, real-life-scenario steps from foothold to user to root.
Yeah I read it but I do not get why this time it did not work to me, while the first time did… probably a Kali update?
Type your comment
@letourneaualex said:
I thought I saw a way to root the box on GTFObins using fpm to simplify the crafting process but I get an error "error: cannot perform the following tasks:…’ , should it work or I really have craft the whole thing from scratch?
Once I installed fpm on kali, it worked for me following the instructions as described.
