Some hint in Calamity to get ssh password? I cant find anything in the audio files
Dig deeper into the audio files. Have the audacity.
There should be two audio files that sound the same. You have everything you need in those files. If you get stuck, message me and Iāll try give you more of a nudge. But just try research as much as you can first.
Also, download audacity. Itās free and easy to use for audio editing.
tried audicity and nothing in the spectogram. Where is the password hidden? the password is an audio or text?
try harder with audacity
from A to B from A to B
not able to understand still whats there in the voice after using audacityā¦
@looping said:
not able to understand still whats there in the voice after using audacityā¦
If done properly, you can easily get the password. No extra effort will be required after that
I get the password, now, Iām stopped in priv esc, how to continue? (Sorry, bad english)
@SkuLL said:
I get the password, now, Iām stopped in priv esc, how to continue? (Sorry, bad english)
Enumerate. There should be something you see on there that you donāt see on other boxes on here. Find out what itās used for, and then see what you can use it on. Itās difficult. Nobody can walk you through it.
@SkuLL said:
I get the password, now, Iām stopped in priv esc, how to continue? (Sorry, bad english)
Iād suggest putting this one on hold and moving on to an easier one. Once youāve completed ALL āEasyā and āMediumā difficulty machines, maybe then come back to Calamity.
am in calamity ā¦ gonna try privs ā¦ am not good this type of exploitation ā¦ BTW i already have done a machien witout ASLR ā¦ i know it will be goodluck to exploit with ā¦do i need to create my binery of some special bytes etc???
@bug said:
am in calamity ā¦ gonna try privs ā¦ am not good this type of exploitation ā¦ BTW i already have done a machien witout ASLR ā¦ i know it will be goodluck to exploit with ā¦do i need to create my binery of some special bytes etc???
This is one of the hardest privesc scenarios on HTB, in my opinion. You wonāt find much help or guidance on this machine.
@bug said:
am in calamity ā¦ gonna try privs ā¦ am not good this type of exploitation ā¦ BTW i already have done a machien witout ASLR ā¦ i know it will be goodluck to exploit with ā¦do i need to create my binery of some special bytes etc???
Hi there bug!
Well, Iām still at it but I am on the right track. So hereās some tips for youā¦:
-
Find the way to trigger something. Have a look at the sources; it seems pretty obvious, I think.
-
Once you have triggered that āsomethingā, feed it with some crafted piece of shell-code to do whatever you think you need to do in order to p0wn the system ā¦
Tips: maybe you would need more than one āspecial craftedā input ā¦
Iām trying to get the ssh pass, but, since I donāt speak english, well, canāt undertand the pass haha
Anybody can help me?
@puerkito66 said:
Iām trying to get the ssh pass, but, since I donāt speak english, well, canāt undertand the pass hahaAnybody can help me?
I guess that, in your case, you should contact HTB staffā¦
@socialkas said:
@puerkito66 said:
Iām trying to get the ssh pass, but, since I donāt speak english, well, canāt undertand the pass hahaAnybody can help me?
I guess that, in your case, you should contact HTB staffā¦
nevermind, I got it
Well guys, Iāve finally did it! I p0wned calamity, amazing experienceā¦ 6 terrible days studying about BOFS, ROPā¦but finally, itās done. Amazing what iāve learnedā¦
!!!
Calamity Any hint? Newbie here
i have the user hash, but i canāt get the root hashā¦ someone help me with priv esc?