Nibbles

nvm, got root :), just took some thinking and tinkering

@CyDefUnicorn said:
I’m stuck on low shell and can see what the user can run in terms of a script with a need for a password, but can’t for the life of me figure out how to edit it. Any ideas or nudges?

Does it need a password?

For those that are still struggling with the login (as I was), suss out what user a standard install would have.

Haha FFS, I swear I tried that combination… It is really easy, you believe you’ve already tried it, just try it again

@Gear01 said:

@CyDefUnicorn said:
I’m stuck on low shell and can see what the user can run in terms of a script with a need for a password, but can’t for the life of me figure out how to edit it. Any ideas or nudges?

Does it need a password?

For those that are still struggling with the login (as I was), suss out what user a standard install would have.

Nope, no password actually when you’re in a low priv shell. Just gotta look at what’s already available for you in terms of access and tools, and also files that are already there. Unless you’re referring to trying to get into the web app… If that’s the case… think VERY simple in terms of password. Actually, the answer is on HTB already.

I guessed the correct password fairly quickly but I suspect someone changed it, so if you think you have it you might have to reset the box because trolls.

I managed to guess the credentials for the blog but still I can neither get a reverse shell nor ssh with them. I have no idea what to do next, please help

I know the exploit, I have not been able to even see or to get to a "log in" page after multiple tries of setting the username and password as different things for Metasploit. (delete if spoiler) please, any hints?

never mind, got the login page, just not sure where to go from here

■■■■ can't get the root.txt :frowning:

No matter which shell I try, I keep getting “This exploit may require manual cleanup of ‘image.php’ on the target”. Am I missing something here?

i found what i need to find to get root.txt… clearly should be able to use it to elevate. however, when trying to utilize what i found with the proper permissions, i’m seeing this:

“: unable to resolve host Nibbles: Connection timed out
: no tty present and no askpass program specified”

any ideas here? nothing i’ve been able to do, reading up on ttys, has been able to get this to work.

I tried the solution multiple times and then spent time in a rabbit hole. When I went back to the original solution it worked.

@dvnv said:
i found what i need to find to get root.txt… clearly should be able to use it to elevate. however, when trying to utilize what i found with the proper permissions, i’m seeing this:

“: unable to resolve host Nibbles: Connection timed out
: no tty present and no askpass program specified”

any ideas here? nothing i’ve been able to do, reading up on ttys, has been able to get this to work.

Same here…WTF?

@dvnv @jc1396 Same here. I’m sure we’re all trying the same types of things, and probably very close to getting it.

Oh well, I don't know if we're close enough to get that root hash. The others say that it is the same with bashed machine :slight_smile:

hint about default user and pass ?

@paytaktr said:
hint about default user and pass ?

ok. i found :slight_smile:

Hi,
I have successfully logged in, but I can’t seem to get shell on the machine, can anyone throw a hint or at least direction what to look for? it should be done by lfi? thanks.

Need help with the SQLi

@dvnv same here