Official Tabby Discussion

Spoiler Removed

Spoiler Removed

Any nudges needed? Message me.

rooted. Initial foothold was an absolute pain, mainly because I got stuck in the same trap as everyone else. Won’t make that mistake again.

Otherwise learned some interesting things.

For user - everything’s been said before. There’s an interesting file. If you can’t get the interesting file one way, consider other ways you may be able to access.

Root - also already said before in this thread. People have been really thorough. It’s a well-documented priv escalation if you see something that might stand out for you during enumeration.

@Karthik0x00 said:

Any nudges needed? Message me.

Feel free to DM

Got root, fun box! New priv esc method learned, PM for nudges :slight_smile:

I would love to get some nudges right now. I’ve found the L**, and found the t***** logon information, but not really sure where I need to move from there? Any help would be greatly appreciated!

@Raybz said:

I would love to get some nudges right now. I’ve found the L**, and found the t***** logon information, but not really sure where I need to move from there? Any help would be greatly appreciated!

So have a think about what you want to do next. Once you decide that there is a lot of guidance available.

Rooted. Fun box, more than enough hints around. Message me if you need a nudge.

Dang that was intense… Racing the reboots and learning a bunch of new things. Great box! As others have said TONS of useful hints already but foothold was definitely the most difficult part.

@Raybz said:

I would love to get some nudges right now. I’ve found the L**, and found the t***** logon information, but not really sure where I need to move from there? Any help would be greatly appreciated!

DM me bro

Rooted! Not sure if this was the right choice for my first box, but it was fun.

DM for any nudges.

got stuck on foothold. got the xml file, successfully uploaded the war, deployed it, started it, but doesn’t call back to me. Tried multiple payloads. maybe i’m just stupid. any tips?

@davesipos said:

got stuck on foothold. got the xml file, successfully uploaded the war, deployed it, started it, but doesn’t call back to me. Tried multiple payloads. maybe i’m just stupid. any tips?

i’m assuming you’re talking about msf.
check the target setting too. you may have to change that to something more suitable.
& make sure you’re using the correct one for what you can access.

@kcaaj said:

@davesipos said:

got stuck on foothold. got the xml file, successfully uploaded the war, deployed it, started it, but doesn’t call back to me. Tried multiple payloads. maybe i’m just stupid. any tips?

i’m assuming you’re talking about msf.
check the target setting too. you may have to change that to something more suitable.
& make sure you’re using the correct one for what you can access.

Thank you, worked, Respect is on its way

Spoiler Removed

I don’t know why I tried to look so much further than what was required for user… From the initial enum of the ip address, it was clear that there was supposed to be that kind of file, given the nature of HTB, but somehow I just kept going deeper and deeper into that rabbit hole.

Anyway, getting the initial foothold was quite accessible, but delivering it in the right way was tricky for me.

root@tabby:~# whoami && id && hostname
root
uid=0(root) gid=0(root) groups=0(root)
tabby

Thanks for the nudges, everyone in the forum. Great box, learned a few new things.

Rooted! tq.

DM for any nudges

Good fun and a nice first box after a month away from my darling PC.

Foothold: Install the software the easiest way possible. Then locate where the file you need is saved on your machine. Don’t forget to check at the source if you think it’s not working.

User: Find a file owned by your target and brutalize that ■■■■.

Root: What are you a part of?