Traceback

MiningOmerta · May 31, 2020, 12:23pm

This one took me wayyyy longer than anticipated. Learned a lot, screamed a little, but got it in the end! Congrats to everyone who got it so quickly. The path to root is something I will always keep in the toolbelt. Thank you to the box maker!

There’s probably enough here in the comments to get you going, but I’d like to offer a subtle methodical nudge.

To anyone struggling at privesc: Think about the logical flow of keeping persistence on a box. What’s the first thing you’d like to have happen? And what goes into that from the system’s perspective? I hope this helps someone. I was stuck here for a while.

Feel free to DM. You need to tell me where you’re stuck and what all you’ve tried. I will not tell you what to do, but I am happy to offer some guidance.

aditya12anand · May 31, 2020, 5:40pm

Rooted the box! Anyone who needs a nudge, feel free to ping me!

Look for hints that aren’t obvious in the first look.
Then you would need to carry out some OSINT, 5 minutes max.
Once you find the list of possible solutions, you have to have to find which one works.
Use that solution to spawn a shell.
Now you have to do a little privesc step to go from user1 to user2.
Get yourself a fancy shell and then look for things happening on the machine.
Once you get the idea of what’s happening, change that file and be really quick!

If it helped you a bit, feel free to drop +1 respect.

Sudu1 · May 31, 2020, 7:51pm

I’m confused with getting the user here. I figured out which webshell to use and tried using default auth in the it, but was not able to get anything after that. Am I missing something obvious here???

Thank you for your help

Thanks,
Sudu

wittr · June 3, 2020, 3:45am

rooted! Great box for a noob. Thanks for setting it up.

nameless1337 · June 3, 2020, 9:20pm

Rooted. Pretty cool box, was very fun.

UGlz · June 6, 2020, 1:30pm

Rooted a few days ago as my first machine on HTB. Cool box, easy but fun, learned some useful tricks.

Often hints are in plain sight, try to understand where they could be: then Google is, as always, your friend.
This will lead you straight to have access on the web shell. From there, you’re gonna need to find a way to access on the machine itself, keeping in mind that there are some backdoors opened.
Once on the machine, read everything you find there and try to understand what you can do as w*** in order to migrate to s***. Then remember what you’ve already seen: as I said before, often hints are in plain sight. There are some messages somewhere you can modify as you prefer. This would lead you to own machine!

Hope this is not too much of a spoiler. Feel free to PM me if you need nudges!

per11sc00p · June 6, 2020, 1:41pm

Easy box. Thanks! Pm if you need help

kinryu · June 8, 2020, 5:13am

Hey! Noobie here with a lot to learn.

I got User flag (OSINT and privileged esc) but am having some trouble with Root. could someone PM me for a nudge?

I think I understand what I need to do but it’s not working for me and i’m not sure if i’m just too slow or if i’m in the wrong place.

thanks!

kinryu · June 8, 2020, 8:34am

I got it! I completely forgot about what i found in the first steps that are critical for root.

Thanks @UGlz for the subtle nudge

srag0x · June 8, 2020, 11:06am

Hi guys, not seen that it was mention here, but after i found out correct shell, i try to login and my connection times out…
any help here?

TheGaiaSystem · June 9, 2020, 12:32pm

Hi there, I’m a bit stuck on the user part. I found the shell and the note and via s*** I found l****. I created a l** reverse shell and tried to run it with l****, but I don’t get any response, neither an error nor a shell. Do you guys know what I’m doing wrong?

HomeSen · June 9, 2020, 1:35pm

@Gaiaphage said:

Hi there, I’m a bit stuck on the user part. I found the shell and the note and via s*** I found l****. I created a l** reverse shell and tried to run it with l****, but I don’t get any response, neither an error nor a shell. Do you guys know what I’m doing wrong?

Why does it have to be a reverse shell? Maybe try some simpler commands that allow you to get access.

D4rkn3S · June 9, 2020, 1:59pm

root@traceback:/root# ifconfig|grep inet|grep -v inet6;id;hostname;wc -c /root/root.txt
oot.txtg|grep inet|grep -v inet6;id;hostname;wc -c /root/ro
inet 10.10.10.181 netmask 255.255.255.0 broadcast 10.10.10.255
inet 127.0.0.1 netmask 255.0.0.0
uid=0(root) gid=0(root) groups=0(root)
traceback
33 /root/root.txt

rsxD · June 10, 2020, 1:22pm

Rooted
Nice box (:

mukilan1600 · June 11, 2020, 4:45am

Stuck on root. I figured out i have to trigger something by s** into the box but mot*.* doesn’t seem to be triggered unless s** with a valid password which i can’t seem to find. Help would be appreciated!

Edit: Got it!

battletux · June 11, 2020, 2:21pm

Got User. Struggling with root.

HG2020 · June 12, 2020, 12:12am

Type your comment> @battletux said:

Got User. Struggling with root.

SAME!

HG2020 · June 12, 2020, 7:00am

WOW… that is a brain tease Anyone login as root?

argenestel · June 12, 2020, 7:52am

Since i am a bit free anyone who require nudge can ping me. I would like to help if someone is really stuck.

kohonen · June 13, 2020, 2:24am

never mind. didnt tried the easiest of them all