Root dance - Thanks to @v01t4ic & @saminskip for the nudge on root 
Root tip - On the final step āStick to one lineāā¦
Someone can help me in PM with the user ?
I figured out the clue to port 80, but I canāt find anything on the db.
ela********h 6.4. is this a rabbit hole
am trying to get my first rev shell
Please anyone nudge for process after security user. Can not find any way to escalate to K user then to root. Spent the whole night only to bypass user. Found the cve but how to relate kibana hosted at localhost when all conf files are read only? Thanks in advance
Type your comment> @deleite said:
Finally rooted.
One of trickiest machines Iāve done in HTB.
My tips for root:
- In my case the execution of the ācomandoā didnāt work because of quotes.
- The logstash input process is self triggered.
- Sometimes if you create more than one file the trigger is faster.
PM if need more hints.
Thank you, this saved meā¦ found out what needed to be done pretty quickly but spent hours trying g**k statements.
Thanks for the box @JoyDragon. Learned alot that, to me, was useful in more then one way since we will be using ELK at work soon 
Type your comment> @deleite said:
Finally rooted.
One of trickiest machines Iāve done in HTB.
My tips for root:
- In my case the execution of the ācomandoā didnāt work because of quotes.
- The logstash input process is self triggered.
- Sometimes if you create more than one file the trigger is faster.
PM if need more hints.
Congrats mate
@Y3llowMustang said:
Finally rooted this box, figuring out the syntax for the last step of root was a roller coaster.
Big up buddie!
Type your comment
Hi will someone be able to help with haystack? confused about the right path
Finally rooted this box! I spent way too much time being dumb and trying to get the LFI to run in the K****a debugging console, and couldnāt understand why I was just getting weird errors. All that was needed in the end was a good old curl. Root was then pretty simple.
Some tips:
User-
- The image isnāt useless, maybe get the help of a feline friend
- The high port has a well documented API, learn how to talk to it
- When you know how to talk, look through all the information, and then search for what the image told you (be aware you may be only looking at 10 entries at a time)
- When you find what youāre looking for you should know what to do
Root-
- You may need to become someone else
- If there is a service only available locally, there is a way to make it available to the outside
- Dont be like me and try to use the stupid debugging console
- Check the processes running for anything nonstandard, investigate them and then find a way to escalate.
- A online debugger for G**k helped me a lot
PM me if you need any help.
Type your comment> @0x0raco said:
Can someone help me with the root, please? I am getting ā{āstatusCodeā:400,āerrorā:āBad Requestā,āmessageā:ā"apis" is a required param.ā}ā error everytime I try to use the exploit.
We receive the same error :neutral: Did you solve this problem? Please pm me
Edit: Use quotes, for example curl āhttp://127.0.0.1:port/a**/c***ā¦ā
Hi, can someone nudge for escalating to k*** user? All kinds of confused!
Fairly easy box. Enjoyed it regardless.
Im Stuck on trying to pivot from sey user to k*a i know i have to view something thats only local remotely but my ss** command keeps failing and im unable to view that pageā¦can someone nudge m in the rigth direction.
Rooted! Very interesting path from initial shell to root, learned a good amount about ELK
Found the high port and some of its files. Please give me a hint, how to get to the database.
Any nudge on the āempty reply from serverā error? Used quotes. but I am still getting the same errorā¦just making sure if a server side error and not my syntax.
Rooted. Interesting and fun box, learned something new.
PM me for a nudge.
@pytera I was stuck at the same place as you with the empty reply from server for 2 full days of working on this. I finally reset the box and it worked. So buy VIP if you donāt have it already, very helpful for this box!
Edit: Rooted! Hardest part of box is realizing you need to reset the box to get it to work.
Rooted! Nice box!
