SAME> @damag3d said:
Can somebody help I’ve exploited the system (I have a shell) but I don’t know where to find the flag I’m stuck
SAME> @damag3d said:
Can somebody help I’ve exploited the system (I have a shell) but I don’t know where to find the flag I’m stuck
@damag3d said:
Can somebody help I’ve exploited the system (I have a shell) but I don’t know where to find the flag I’m stuck
Just get the right files mentioned in OWN ROOT and OWN USER and go through them to get what is required.
@technocyber2 said:
@ghostheadx2 said:
Does anyone have any hints for Blue? I tried an intense nmap scan and a ping scan and found the name of the PC and that some ports were open but it’s not like its something simple like SSH. Could I have a hint as to what to do next? I don’t want the answer, I just want a hint because I’m a beginner and I don’t have a clue. Thanks.Remember the exploit that wrecked havoc on major systems across the world. Trust me this is the easiest machine to exploit if you it It took me 5 minutes the moment i knew what OS it was running.
In addition to it. GOOGLE is your best friend
can some one help please , i am getting this error
Reading profile /etc/firejail/wine.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-programs.inc
[-] Error getting output back from Core; aborting…
[-] 10.10.10.40:445 - Are you sure it’s vulnerable?
Reading profile /etc/firejail/wine.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-programs.inc
[-] 10.10.10.40:445 - Oops, something was wrong!
[*] Exploit completed, but no session was created.
@redteampa1 I am also getting the same error.
Please if you find how to fix it tell me in the comments.
i m inside but i can not find flag.How can i find? Can u help me?
Hi guys, I’m a noob here and I am currently stuck on this too! I think i’ve found the right exploit but it doesnt seem to be working. Are we definitely talking SMB related? Tried running exploit directly with metasploit which seemed to struggle finding deps folder. Ran in armitage but I cant seem to get that working either. Now all of sudden I cannot scan any machines - despite still being connected correctly to vpn? Any ideas please, I’m about to pull the hair out of my bald head! Thank you
I am a new user here. I signed up few months back but haven’t had any chance to work on any of the machines. I finally took up a challenge today and after so much research with GOOGLE, I was able to get a meterpreter session on the machine Indeed Blue. After the meterpreter session, i must say i really don’t know what i need to find on the Machine since this was my first time of doing this, and having to be a collect student, I only took a screenshot of the machine and it came in directly to one of my folder. Can any body please point me in the direction of what is exactly needed to be done on the Machine? Do i need to find something? What is needed to be done to be sure i finally owned the machine?
@Arrexel said:
The name of the machine is a hint as to what exploit you will need to use. Think of something released fairly recently. Was all over the news when it was released
This was a killer
@hackmatterz said:
@Arrexel said:
The name of the machine is a hint as to what exploit you will need to use. Think of something released fairly recently. Was all over the news when it was releasedThis was a killer
Can you tell what i really need to do on the machine after the meterpreter session? DO i have to look for something to own it? It’s really not detailed on the machine on HTB
@hackmatterz said:
@Arrexel said:
The name of the machine is a hint as to what exploit you will need to use. Think of something released fairly recently. Was all over the news when it was releasedThis was a killer
I also would like to add that the exploit sometimes gives FAIL, sometimes WIN. That’s what it’s nature, so you gotta try the exploit a few times.
@erkana said:
@hackmatterz said:
@Arrexel said:
The name of the machine is a hint as to what exploit you will need to use. Think of something released fairly recently. Was all over the news when it was releasedThis was a killer
I also would like to add that the exploit sometimes gives FAIL, sometimes WIN. That’s what it’s nature, so you gotta try the exploit a few times.
Yes it shows FAILS and pick it self. Please what am i to look for once the meterpreter session open? That’s the problem am facing now and it disconnects if i leave it for a while without doing anything on it. i am still unsure of what to lookout for since it will not well detailed on the Machine Name in HTB Main Site. Can you please advise? Thanks
Own User
Type below the hash that is inside the user.txt file in the machine. The file can be found under /home/{username} on Linux machines and at the Desktop of the user on Windows.
Warning: Based on our rules and ToS, you are not allowed to post any writeups or solutions for this machine until it is retired.
@deltaclock said:
Own User
Type below the hash that is inside the user.txt file in the machine. The file can be found under /home/{username} on Linux machines and at the Desktop of the user on Windows.Warning: Based on our rules and ToS, you are not allowed to post any writeups or solutions for this machine until it is retired.
I am not posting any solution. I am just confused as to what to look for in the machine.
get user submit user.txt flag
get root submit root.txt flag
@deltaclock said:
get user submit user.txt flagget root submit root.txt flag
how do you mean get user submit please?. I have already gotten those coded but looked encrypted. I am unsure what is coming up next to own the machine. Do i submit the code to someone or what?
cd Desktop
type user.txt
copy paste that to the blue box page…
likewise for root.txt
@deltaclock said:
cd Desktop
type user.txt
copy paste that to the blue box page…
likewise for root.txt
Yes i was able to navigate after the shell command, I got copies of the user.txt and root.txt. they seems to be encypted. so i was thinking of using hashcat on them. Also, where is the bluebox page. is it on the same machine and do i have to do that on the meterpreter session?
Fount it and Own it.,…FInally understand where the hashes goes to…Unto the next machine
good luck