How can I download a file from target to my local machine
Type this in target machine python3 -m http.server 8080 ,then on your machine type wget http://ip:8080/filename be sure that your are in the same directory your file is at and start the server in this directory
Thanks.
i found ssh_host_rsa_key.pub
how can I use it to connect to ssh
You should study this free module it will help a lot! Login To HTB Academy & Continue Learning | HTB Academy
You need the private key to connect to the server I believe. Thatâs the public key. The server SHOULDNâT have the private key.
YESSSSS I DID IT
I am stuck at privilege escalation. Tried the programmer oopsies suggested by that enumeration tool (LPs) but they all look to be patched, unless I am missing something (I wouldnât be surprised). Any hints?
if you google illuminati on google you could find their wiki page and eventually you would probably understand the name of the machine and the vulnerable binary⌠if you combine the binary name with the word exploit and google it you will find a broken public exploit⌠just fix the exploit and you are rootâŚ
FUCKING DID IT LADS
tip: the process for privesc is a bit dark, you should shine some light on it
congrats!
Not sure what Iâm missing with the vhost enumerationâŚthink I got the right domain, but nether gobuster nor ffuf return something valueable
Check twice if you are using gobuster correctly. There is a very important flag that, if not used, cause gobuster to find useless vhosts that will return 400.
Stuck on switching users, every time i try to login in for the user flag i put the password in it just gets stuck/freezes.
You should be able to find it by filtering the size with ffufâs -fs option.
Hi lads,
got foothold as www-data. not sure how to move laterally to the user. can someone assist?
thanks to @0zcool managed to root this box
thank you guys this was a great experience and my first box without following the walkthrough.
Iâve got this far aswell. The default creds found in the .conf file dont work, any ideas on how to connect to the mysql service?
One hint guys, Just save the IP address as board.htb, rest is smooth
Well I did it. And I got stuck because I forgot to try all users, with all password combosâŚ