Officially quitting Bart after scanning directories for 24 hours.
@halfluke said:
Officially quitting Bart after scanning directories for 24 hours.
TryHarder Bro
I’ve got the entry point but I don’t know how to use it. Tried to upload a webshell via curl but I always get internal server error
Back to Bart after poison, got a low priv reverse shell thanks to some great help, and now stuck again of course
For sure Bart is NOT a medium machine
Rooted. Bart is definitely a hard machine.
First of all, I can’t thank enough 3 people, especially one who held my hand till the end.
I won’t mention their names for privacy.
I care to share hints as usual, but I have to say something first:
I did it the hard way.
It looks like there is at least a less painful way, but I cannot confirm it.
I just hope that people are not spreading fake hints on purpose (or even worse are exchanging/trading flags…) but I’ll try to check the easier way.
pretty confirmed that there is an easier way, not going to try it now because I learnt so much the hard way
thanks everyone for exchanging ideas in PM. Bart is not a hard machine, I did it the hard and unintended way as I’m a noob who doesn’t know the basics
Could anyone help me with the last step of thi box? PM or NetSec chat! Thanks
I need a different point of view of How I can find the right entry point. Not spoilers. I enumerated with different tools including dirb, dirbuster, gobuster, nikto, etc with no success.
After many people contacting me about bart… I thought I knew bart pretty well, and suddenly the hard way to root it doesn’t work anymore for whatever reason.
Fortunately it can still be rooted the “intended way”.
But hey, I really hate that machine by now
In any case, if you think you found the correct way and it doesn’t work, JUST RESET IT.
Have I already said that I hate Bart?
LOL
hi, stuck with the low-priv shell, any hint about priv esc to the other user? tried to run some automated tool but did not get anything usefull
I was able to enumerate some usernames for the page that a sysadmin might use but something tells me bruteforce (like most times on HTB) is not the way to go to login. Any nudges peeps? I fear it may be a rabbit hole.
I am completely lost with this machine. I enumerated, found users, apps, login, etc but now way in. can anyone please pm for a hint what i am missing … big thanks!
in the meantime i am able to login to a web app and found a new one but i still don’t have a clue how to get an initial shell. maybe i just dig too deep into a rabbit hole. any hints welcome
@gash said:
in the meantime i am able to login to a web app and found a new one but i still don’t have a clue how to get an initial shell. maybe i just dig too deep into a rabbit hole. any hints welcome
google for what you see in the new one and hack it.
@d00gman said:
I was able to enumerate some usernames for the page that a sysadmin might use but something tells me bruteforce (like most times on HTB) is not the way to go to login. Any nudges peeps? I fear it may be a rabbit hole.
Just do what you think bro even it is a rabbit. You will learn more after you fail.
@n0n4me said:
@gash said:
in the meantime i am able to login to a web app and found a new one but i still don’t have a clue how to get an initial shell. maybe i just dig too deep into a rabbit hole. any hints welcomegoogle for what you see in the new one and hack it.
Is this a well known vulnerability? I can even find sources of the new app, but google this time does not help finding any exploits.
@macw141 said:
@n0n4me said:
@gash said:
in the meantime i am able to login to a web app and found a new one but i still don’t have a clue how to get an initial shell. maybe i just dig too deep into a rabbit hole. any hints welcomegoogle for what you see in the new one and hack it.
Is this a well known vulnerability? I can even find sources of the new app, but google this time does not help finding any exploits.
No, it is not a well known vulnerability. This part of challenge was created for checking your skill.
@n0n4me said:
@macw141 said:
@n0n4me said:
@gash said:
in the meantime i am able to login to a web app and found a new one but i still don’t have a clue how to get an initial shell. maybe i just dig too deep into a rabbit hole. any hints welcomegoogle for what you see in the new one and hack it.
Is this a well known vulnerability? I can even find sources of the new app, but google this time does not help finding any exploits.
No, it is not a well known vulnerability. This part of challenge was created for checking your skill.
Thank you, indeed, you are right. Have it already. Now a weak shell and looking for escalation path. So far cannot see light in the tunnel, so would appreciate any advice.
any nudge on priv esc anyone? Thanks
what is and how to use hackthebox.eu