Inception

ploami · January 29, 2018, 12:50am

@ploami said:

@puerkito66 said:

@zelsonm1 said:
@puerkito66 you are on the right track. You are just the missing the correct way to access the service running on this directory

Also tried over the proxy, but same happended, i think is not the intended way, or maybe i’m doing it wrong

I’m facing the same problem. Have you figured it out?

Nevermind, got it.

MrGill · February 3, 2018, 4:25pm

Hello, I need a hint… Am I suppose to find the creds for the “hidden” service in a config file? I have some creds from a non-hidden service but these do not work for the second one. I have one user to log in, but I think bruteforce in this scenario will take eons.

MrGill · February 4, 2018, 10:43am

@MrGill said:
Hello, I need a hint… Am I suppose to find the creds for the “hidden” service in a config file? I have some creds from a non-hidden service but these do not work for the second one. I have one user to log in, but I think bruteforce in this scenario will take eons.

Nevermind, read more about “configs” you find.

JoeDev · February 4, 2018, 6:04pm

One of anyone else’s favorite machines so far?

lokori · March 12, 2018, 9:00am

This box seems to be quite difficult. I have found a way to access two different services that require a login and I have been able to read files from the server. Yet, I haven’t been able to execute code and I haven’t been able to find any credentials either of the services. Found some useless credentials, which I assume won’t be needed for anything. I wrote a small Python script to try out the “obvious” user/pass combinations, but didn’t get anywhere.

I don’t quite understand how reading more about “configs” will help me Perhaps I’m missing something crucial.

lokori · March 13, 2018, 2:17pm

Finally found the “credentials”. I actually wrote a small Python script to find it, but I suck at this enumeration thing apparently. Now the rest should be relatively straightforward I hope.

lokori · March 14, 2018, 7:24am

Errare humanum est! It wasn’t straightforward! Well, I know what to do during the night as I have some “leads”. It seems I must go deeper!

I really like this machine, though it’s certainly not easy to crack. (At least not easy with my limited skills.) Please don’t retire this machine

lokori · March 14, 2018, 6:46pm

I’m root, but the root flag is … wtf.

uck084 · March 25, 2018, 10:21am

I found creds, by following the path stated on one config file and as far as I see it is encrypted. John is not helping me to crack it, any clues?

lokori · March 29, 2018, 4:01pm

I think the creds should be easy to crack. Did you make a mistake somewhere?

Greenou · April 2, 2018, 10:07pm

I have the same problem here, I found credentials but I cant seem to be able to crack them with John. As far as I can tell I did not make mistake and I am trying to access a specific directory. Any clues?

adyd · April 4, 2018, 6:28pm

Hi. Read through all posts and confused. so found a way to read some files from box after doing something. can see also 2 ports open, one which would be usual way in but creds I have found from usual file cannot be right, only two users? saw other comments saying no creds needed so off down rabbit hole I went! it would make sense if usual file had user info and I could find creds for user to do usual thing for first foothold. Sorry sounds like jibberish, but those who have done will know.
Am I supposed to find creds using the method I am using or find another exploit to initiate a shell? anyone want to PM and I can explain what I have done so far.

adyd · April 4, 2018, 7:21pm

so with a little more experimenting I see my files are being truncated. using this method of reading files isn’t working. please PM me - I need help (yep in more ways than one).

S4ck · April 5, 2018, 12:46am

@adyd said:
so with a little more experimenting I see my files are being truncated. using this method of reading files isn’t working. please PM me - I need help (yep in more ways than one).

same here, stuck with that

adyd · April 5, 2018, 8:15am

ah. I can read all the file.

adyd · April 6, 2018, 3:01pm

anyone offer any help finding that directory which prompts for creds, please PM me.

Greenou · April 6, 2018, 10:05pm

Well I found the creds so I might be able to help you,
BUT I can’t crack them with john so they are useless to me

cdf123 · April 7, 2018, 2:30am

Any hints on how to catch the train?

S4ck · April 7, 2018, 4:34am

@Greenou said:
Well I found the creds so I might be able to help you,
BUT I can’t crack them with john so they are useless to me

you can crack it with your friend jhon, just must know wich type of hash is

adyd · April 7, 2018, 8:59pm

ok know I have asked for help before. I am no newbee. got root , wtf am I do do with the file? nothing makes sense? please help!! PM me please,.

Topic		Replies	Views
Inception - privesc Machines	14	1465	February 26, 2018
Shocker Pri Escalation Machines	17	1891	January 2, 2018
Inception - My Kali must have a problem Machines	5	939	January 29, 2018
Dev0Ops Privilege Esc ? Machines privledge-escelatio , dev0ops , priv	72	11295	September 29, 2018
Need a bit hint for Jeeves priv esc Machines	2	959	January 5, 2018

Inception

Related topics