Friendzone - HackTheBox

okseeyou · April 10, 2019, 5:02am

Can someone assist me with enumerating that port 53? I already found the text file.

utkarsh123 · April 10, 2019, 9:50am

I have found the creds of admin, but they are not working anywhere. ftp, ssh everything I checked

utkarsh123 · April 10, 2019, 12:41pm

Hi I found something cool! But need someone to whom I can discuss. @gokuKaioKen Can you man?

utkarsh123 · April 10, 2019, 12:41pm

talk!**

Zapherion · April 10, 2019, 5:54pm

Anyone who can help me with root?

ScreenSlav3r · April 10, 2019, 6:38pm

Type your comment> @Brutef0rce said:

Anyone who can help me with root?

Ping me I’ll help you

N0ur5 · April 10, 2019, 7:56pm

Stuck on haha page with LFI like many others
meh

EDIT: Got it- Was messing with the wrong param like an idiot (the param that displays a pic), instead of the correct param. Someones hint was to pay attention to how the default values in the params really work and then try the LFI (assuming you know where to look with LFI by enumerating the S** port properly).

IgorLB · April 10, 2019, 10:39pm

Type your comment> @Brutef0rce said:

Anyone who can help me with root?

Try to use pspy (google it) for process monitoring.

sahil0x08 · April 11, 2019, 10:03am

Guys enumerated DNS not sure totally correct got the subs and even enumerated for HAHA and other image file.But totally struck on what to do next and how to get creds.Can anyone help me out some more hints on what to do next…

nscur0 · April 11, 2019, 12:22pm

Nice box. Root is pretty obvious, although the “open book” kinda situation feels somewhat CTF-ish.

Kontakis · April 11, 2019, 4:18pm

Hello all ,

I enumarated 53 , found some subdomains but i can not access that subdomains.I tried to change my hosts file but it’s not working.i have limited time for my exam.someone please dm me to shortest way of user.

Thanks a lot

nspagnola27 · April 11, 2019, 4:23pm

Not very familiar with dns enumeration and whatever I try does yields no resutlts, can someone help me out with the dns enumeration. I tried nmap scripts, nslookup, dig, and dnsrecon and like I said I got nothing out of it. Help appreciated.

p4nd4 · April 12, 2019, 6:36am

I try to access the web application, although I can ping an.frtal.r*d, i can not browse it, nslookup return “Got recursion not available from 10.10.10.123”. Please help me.

sahil0x08 · April 12, 2019, 8:45am

hey guys,
I got the user can anyone help me to root.I found the required snake lib but unable to esclate to root

hackerg1rl · April 12, 2019, 11:49am

anyone available to pm on this box? would give respect to anyone who help me on this crazy box

Tdzone · April 13, 2019, 9:29am

Spoiler Removed

ScreenSlav3r · April 13, 2019, 10:04am

Type your comment> @Tdzone said:

I am stuck on https://admin.friendzone*****red Is am right path ?

#Black_hole ?

Tdzone · April 13, 2019, 12:27pm

guys finally I get ssh shell how to prev esc

Sv5 · April 13, 2019, 2:29pm

Type your comment> @mpeg said:

Who knew we’d end up missing the clowns?

hahahaha youre coming from FluJab too??

Sv5 · April 13, 2019, 3:02pm

Type your comment> @cbx said:

For those struggling with dns enumeration, Bank video from Ippsec helped me a lot.

Now I’m stuck at “Testing some functions !” any clues??

Fucking star… Thats how Nudges should be like… Not these stupid “try harder”