I have a shell with the user a****e but can’t find the password, only found the username b***********n. Any help? I saw some people saying to look at services and stuff, tried to search the command for that, but can’t find anything that works
I have a shell with the user a****e but can’t find the password, only found the username b***********n. Any help? I saw some people saying to look at services and stuff, tried to search the command for that, but can’t find anything that works
I think that there are two ways to do root, both oriented around the same program. One of them requires crafting correctly (and you may struggle with setting up the environment like I did depending on how your machine is configured) and the other relies on modifying an older vuln (but I was forced to revert the box before it worked).
getting a foothold and user was actually harder for me than getting root.
foothold : look around google, OSINT.
user : ENUMERATE, ENUMERATE, ENUMERATE, all you need is already where you are.
root : there’s a known exploit, you just need to craft it for your needs.
There are actually a lot of hints on this discussion, so if you’re having a hard time… just read everything here from page 1 to end.
guys can you help me i cant open any websites from htb when i go to open any of then the error shows dns probe finished nxdomain in any box i checked everything from fixing dns and setting it to google and resetting network manger i just cant open the websites ending in .htb so please help me i am new here
guys can you help me i cant open any websites from htb when i go to open any of then the error shows dns probe finished nxdomain in any box i checked everything from fixing dns and setting it to google and resetting network manger i just cant open the websites ending in .htb so please help me i am new here
Three points:
you need to add the domains to your hosts file. HTB doesn’t use DNS (and it would be a bit weird if it tried to really), so you have to tell your computer what IP address are which hostname.
you probably should work through the Starting Point boxes.
you might also want to look at the academy site to learn some of the basics.
I’m bashing my head into a wall right now…
Got initial foothold under a*e using a popular framework. Cannot seem to connect to ml, even from the shell. Tried port forwarding and still no luck. BTW, I have the credentials to connect, but can’t seem to do so. Any help would be greatly appreciated.
EDIT: NM, hahahaha… found the alternative, and much simpler, method
Hey, could you PM me the alternate method? I’ve been trying to connect to the database, but to no avail. I have the creds.
Foothold: The clue is in the name. User: A little two-step and then you can get in through the frontdoor. Root: The master of an older generation can show you the way with his teachings.
Getting the thing to actually build seemed to be the hardest part.
Am stuck in root. Even though I went through linpeas and other methods I haven’t found a way to go about it…maybe i just can’t see it. If anyone wants to drop a hint dm me
Am stuck in root. Even though I went through linpeas and other methods I haven’t found a way to go about it…maybe i just can’t see it. If anyone wants to drop a hint dm me
Fun little box! Found getting user quite straight forward as it involved some staple techniques that every beginner should know, or use this as the perfect opportunity to learn if they haven’t yet.
The root user was a little trickier as I didn’t immediately work out that I’d found the right exploit, as I’d seen some closed things and discarded the idea.
After trying a little crafting of my own and running into all sorts of issues, I realised I could adapt what I found before and after a little decoding, just used what was already out there.
It didn’t work initially as I think someone else had already broken something on the box, but after a reset, the exploit worked exactly as it should.