Dante Discussion

hackiecat · January 18, 2021, 3:50am

Hi all, just wondering if someone can give me a small poke in the right direction for the privesc for the foothold machine .100. First two flags were straight forward, and I think I have the right exploit for the privesc but it doesn’t seem to work?

Thanks

byt3punisher · January 18, 2021, 12:04pm

okay fine just trying to make sure am not going down a rabbit hole… .100 am in the wp application trying to upload and I enter FTP creds but its a no go… due to wp-content not found.
Looked it up, seems to be permission related. I tried with the user and the default login as well and nothing. Any hints?

edit: nevermind got it thank you @spacecatsec

invictim · January 18, 2021, 8:07pm

Stuck on flag 2, I feel like I have found everything I need but I can’t seem to figure out how to use it (besides bruteforcing). Can someone give me a nudge?

edit: nvm, got what I was looking for

A1eks · January 19, 2021, 2:50pm

Hi, give me pliz hint on priv esc ws03

edit:thank you @duemaster

bertels · January 21, 2021, 8:41am

Hi,
I got past the first machine and rooted DC01.
Now I am stuck on getting a foothold on any of the other machines.
Can somebody give me a hint on how to proceed?

Fkbug · January 21, 2021, 7:40pm

HI, i got rooted the initial foothold. but while using metasploit to privot, and i always got a segment fault to crash my meterpreter payload.
Can somebody teach me a better way to privot the linux? i’ve tried the neo-regeorge, but while i using it to piviot always got nmap wrong works. So anyone could show me a better way to piviot the network?

akhlaqur · January 22, 2021, 12:17am

Can anyone gimme a nudge for dante? Happy to share what I have done.

jimbo9519 · January 22, 2021, 6:31am

Hi I have SYSTEM on DC02, just looking for some guidance on exploiting both the machines in this ADMIN subnet please

k1ngPr4wn · January 23, 2021, 3:52pm

Just started Dante… but nmap scan isn’t finding any hosts at all… I can ping the .2 firewall so there seems to be general connectivity.

wuffoking · January 24, 2021, 12:39pm

Trying and failing to get into the foothold box. I have a set and half of creds, but seemingly nowhere to use them. Can anyone drop me a slight, slight nudge?

edit - thanks k1ngPr4wn

dangerous9xx · January 24, 2021, 4:59pm

Hi guys! Can anyone give me a nudge on the host discovery part, I am having issues with it
Thank you.

A1eks · January 28, 2021, 9:30am

Hi, I got access to DANTE-NIX02, DANTE-NIX04, DANTE-WS01, DANTE-NIX03, DANTE-DC01, DANTE-WEB-NIX01, DANTE-WS03. I understood where there should be access to the network of admins, but I can’t figure out how to get there.

scm · January 28, 2021, 9:56am

Type your comment> @k1ngPr4wn said:

Just started Dante… but nmap scan isn’t finding any hosts at all… I can ping the .2 firewall so there seems to be general connectivity.

I am having the same issue - have change nmap flags to ignore ping etc. but still not getting any live hosts.

Any suggestions?

salted · January 28, 2021, 10:01am

Did you > @scm said:

Type your comment> @k1ngPr4wn said:

Just started Dante… but nmap scan isn’t finding any hosts at all… I can ping the .2 firewall so there seems to be general connectivity.

I am having the same issue - have change nmap flags to ignore ping etc. but still not getting any live hosts.

Any suggestions?

Did you see the TPC / UPD VPN Discussion at Dante Discussion - #56 by BaddKharma - ProLabs - Hack The Box :: Forums - could this be your problem?

scm · January 28, 2021, 11:27am

Type your comment> @salted said:

Did you > @scm said:

Type your comment> @k1ngPr4wn said:

Just started Dante… but nmap scan isn’t finding any hosts at all… I can ping the .2 firewall so there seems to be general connectivity.

I am having the same issue - have change nmap flags to ignore ping etc. but still not getting any live hosts.

Any suggestions?

Did you see the TPC / UPD VPN Discussion at Dante Discussion - #56 by BaddKharma - ProLabs - Hack The Box :: Forums - could this be your problem?

Thanks for the pointer - its something weird about my VM. I loaded an old Kali VM (with the same network settings and same VM Manager) and it worked…

OPiX · January 28, 2021, 3:39pm

Hi everybody I am stucked on the NIX04. Found the ba, get in with creds but I do no find any vuln in it. Can anyone drop me a slight ? NIX07 too, found the J***** site, seems to be CVE vuln, but stucked here too.

lunetico · January 30, 2021, 6:41pm

Is W*******s caved on the initial box for everyone else as well??? Can’t really get any further while the lab is still broken. Frustrating. Anyone know what the turnaround time on getting pro-labs reset is?

motoraLes · January 31, 2021, 3:13am

Having the same problem > @lunetico said:

Is W*******s caved on the initial box for everyone else as well??? Can’t really get any further while the lab is still broken. Frustrating. Anyone know what the turnaround time on getting pro-labs reset is?

Can’t really work on w*******s due to plugin problems, I’ve read similar comments on this discussion. At this very moment I’m unable to connect to the specific machine. I’ll probably request a lab redeployment.

motoraLes · January 31, 2021, 2:55pm

Is anyone changing or messing with the W******s theme?

m3ll0 · January 31, 2021, 9:35pm

Nice box I’m having fun