Official Buff Discussion

Hello fellow hackers, I hope that you guys are doing well. When I try port forwarding using plink on Buff I get this error: "FATAL ERROR: Network error: Connection timed out". Any guesses, or can anyone help me get rid of this error? I can ping both sides, though.

@Dilan said:

Hello fellow hackers, I hope that you guys are doing well. When I try port forwarding using plink on Buff I get this error: "FATAL ERROR: Network error: Connection timed out". Any guesses, or can anyone help me get rid of this error? I can ping both sides, though.

Use another port (you will need to reconfigure your SSH daemon). HTB staff started blocking SSH from machine to VPN node, some time ago.

@Dilan said:

@TazWake

Hi, I hope that you are doing well. I’ve done all the things correctly

Well, there are likely two outcomes here:

  1. You haven’t done it correctly
  2. Something is broken

but I didn’t get any shell at all. For your convenience, I wrote my commands down. Please check that and give me a solution.

Best Regards,
Dilan

nc -nlvp 5555

That is the correct command to use netcat (on Linux) to listen, verbosely, on port 5555 without doing any DNS lookups. If that is what you wanted, it is correct.

Assuming you are trying to connect to this with something like nc IPADDRESS 5555 then it should work.

If it doesn’t, then you need to consider things like - have you used the correct netcat binary, have you uploaded it to the correct location, is there any firewall in the way etc.

@Dilan said:

Hello fellow hackers, I hope that you guys are doing well. When I try port forwarding using plink on Buff I get this error: "FATAL ERROR: Network error: Connection timed out". Any guesses, or can anyone help me get rid of this error? I can ping both sides, though.

Does this mean you got netcat working?

The error message implies something is blocking the traffic. Often this is a port issue. If you read the other posts in this thread, they discuss that HTB have blocked port 22 outbound from the servers. Plink uses this by default. You either need to change your sshd to use a different port or use a different tool.

@TazWake
Hello again, I really appreciate your time and response. Yes, after hours of trying I finally got the netcat session, but I am unable to connect via ssh. As per your advice, I will try to use a different port on sshd. Talking about another tool, I tried chisel but it doesn’t work either. It freezes the Windows shell.

@Dilan said:

@TazWake
Hello again, I really appreciate your time and response. Yes, after hours of trying I finally got the netcat session

Awesome.

but unable to connect via ssh.

Yeah, for some reason HTB thinks this is a risk so you can’t do it by default any more.

As per your advice, I will try to use a different port on sshd. Talking about another tool, I tried chisel but it doesn’t work either. It freezes the Windows shell.

I’ve never had much luck with Chisel but other people swear by it and rumour has it that an APT group has moved to it being the tool of choice now.

@HomeSen

Really appreciate your time and help

@TazWake
“Yeah, for some reason HTB thinks this is a risk so you can’t do it by default any more.”

Any guide to sort this out? I’ve been trying to get root since yesterday.

@Dilan said:

@TazWake
“Yeah, for some reason HTB thinks this is a risk so you can’t do it by default any more.”

Any guide to sort this out? I’ve been trying to get root since yesterday.

This might help https://www.cyberciti.biz/faq/howto-change-ssh-port-on-linux-or-unix-server/

@TazWake

Thank you for your time and help. I went through the page and did it, and it is still the same; nothing changed.

@Dilan said:

@TazWake

Thank you for your time and help. I went through the page and did it, and it is still the same; nothing changed.

Well, if nothing has changed then you haven’t changed the port your sshd is listening on.

If you mean it still isn’t working - it depends what error messages you are getting and how you are invoking the command.

For example, are you specifying the port you want it to connect to with -p ?

@Dilan said:

@TazWake

Thank you for your time and help. I went through the page and did it, and it is still the same; nothing changed.

After you changed your local SSH server’s port, you will of course also have to specify that port for plink to use :wink:

@HomeSen

Thank you, I really appreciate it.

@TazWake

Thank you. You are being very helpful

@TazWake @HomeSen

Finally rooted. Thanks to both of you for being very helpful. All the trouble was caused by Kali. This morning, I installed Parrot and did everything from the beginning, and everything completed without an error.

Trying to run the exploit that corresponds to the website but I keep getting errors that make no sense to me.

$ python exploit.py http://10.10.10.198:8080
Traceback (most recent call last):
File "exploit.py", line 37, in <module>
import requests, sys, urllib, re
File "/home/kali/.local/lib/python2.7/site-packages/requests/__init__.py", line 44, in <module>
import chardet
ImportError: No module named chardet

This makes no sense because according to my limited knowledge, I have chardet installed. I even purged it and reinstalled it, but I still get the same error…

Does anyone have any ideas how to fix this issue? I’ve been searching for hours and just not getting it

@quantumtheory said:

Trying to run the exploit that corresponds to the website but I keep getting errors that make no sense to me.

$ python exploit.py http://10.10.10.198:8080
Traceback (most recent call last):
File "exploit.py", line 37, in <module>
import requests, sys, urllib, re
File "/home/kali/.local/lib/python2.7/site-packages/requests/__init__.py", line 44, in <module>
import chardet
ImportError: No module named chardet

This makes no sense because according to my limited knowledge, I have chardet installed. I even purged it and reinstalled it, but I still get the same error…

Does anyone have any ideas how to fix this issue? I’ve been searching for hours and just not getting it

So it looks like you are running a Python 2.7 interpreter for the exploit. Are you sure you have chardet installed in Python 2.7?

@TazWake said:

So it looks like you are running a Python 2.7 interpreter for the exploit. Are you sure you have chardet installed in Python 2.7?

Not sure how to install something “in” Python 2.7… I can run the command using python3 but then get syntax errors that are beyond my comprehension. Still learning python as I go. When I had purged it, I reinstalled it via “apt install” and even tried “pip install”… seemingly downloads fine each time, but still get the same issue

Here’s my output with python3:

$ python3 exploit.py http://10.10.10.198:8080
File "exploit.py", line 48
print Style.BRIGHT+Fore.RED+"[!] "+Fore.RESET+"Could not connect to the webshell."+Style.RESET_ALL
^
SyntaxError: Missing parentheses in call to 'print'. Did you mean print(Style.BRIGHT+Fore.RED+"[!] "+Fore.RESET+"Could not connect to the webshell."+Style.RESET_ALL)?

So with that error, I change the print syntax to what the error suggests then receive the following error:

File "exploit.py", line 81
print header();
^
SyntaxError: invalid syntax

Not sure about that one… the small block of code right above that defines header()…

@quantumtheory said:

Not sure how to install something “in” Python 2.7…

It depends on how it gets installed in python 3.

For example pip2 install PACKAGE might work. I don’t know how your system is set up though. You may need to install pip2 first.

Try pip -v to confirm which version you default to.

I can run the command using python3 but then get syntax errors that are beyond my comprehension.

The exploit wants to use python 2.7. It triggers lots of problems with python 3.

Still learning python as I go. When I had purged it, I reinstalled it via “apt install” and even tried “pip install”… seemingly downloads fine each time, but still get the same issue

If you use pip install PACKAGE and Python 3 is your system default, it will use pip3 to install the libraries into Python3.

File "exploit.py", line 81
print header();
^
SyntaxError: invalid syntax

Not sure about that one… the small block of code right above that defines header()…

One of the big differences between Python2 and Python3 is the need for all print statements to be print() not print. So if you really want to use this exploit in Python 3 you will need to change a lot of it.
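
The mismatch discussed in the posts above (a module installed for one Python interpreter but missing from the one that actually runs the script) can be checked directly. This is an added example, not part of any post in the thread; the helper name `probe` and the interpreter names in the loop are assumptions.

```python
import shutil
import subprocess
import sys

# Runs inside the interpreter being examined, so it must be valid in both
# Python 2.7 and Python 3.
PROBE = (
    "import sys\n"
    "ver = '%d.%d' % (sys.version_info[0], sys.version_info[1])\n"
    "try:\n"
    "    mod = __import__(sys.argv[1])\n"
    "    print('OK %s %s' % (ver, getattr(mod, '__file__', 'built-in')))\n"
    "except ImportError:\n"
    "    print('MISSING %s -' % ver)\n"
)


def probe(interpreter, module):
    """Ask `interpreter` whether it can import `module`.

    Returns None if the interpreter is not on PATH, else a dict describing it.
    """
    path = shutil.which(interpreter)
    if path is None:
        return None
    proc = subprocess.run([path, "-c", PROBE, module],
                          capture_output=True, text=True, timeout=30)
    lines = proc.stdout.strip().splitlines()
    # The interpreter crashed or the import failed with something unexpected.
    if not lines or not lines[-1].startswith(("OK ", "MISSING ")):
        return {"path": path, "version": None, "found": False, "location": None}
    status, version, location = lines[-1].split(" ", 2)
    found = status == "OK"
    return {"path": path, "version": version, "found": found,
            "location": location if found else None}


if __name__ == "__main__":
    module = sys.argv[1] if len(sys.argv) > 1 else "chardet"
    # Assumed interpreter names; adjust to whatever exists on your system.
    for name in ("python", "python2", "python2.7", "python3"):
        result = probe(name, module)
        if result is None:
            print("%-10s not on PATH" % name)
        else:
            print("%-10s %s (Python %s): %s" % (
                name, result["path"], result["version"],
                result["location"] if result["found"] else "MISSING " + module))
```

Installing with `<interpreter> -m pip install <package>` ties pip to the interpreter that will run the script, which avoids the package landing in a different Python's site-packages.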

Hello guys, deviano here.
Already got the user flag (relatively easy for a n00b like me :P) and now I’m struggling with root.
I got the ‘good shell’ working on target, and I connected through chisel without much effort, but now I can’t make the C*****e exploit work… I tried so many payloads and so many changes on the file and none of them seems to connect. Can anyone help me?
I feel like I’m very close to the root flag (well, I hope so hahaha)

@deviano said:

Hello guys, deviano here.
Already got the user flag (relatively easy for a n00b like me :P) and now I’m struggling with root.
I got the ‘good shell’ working on target, and I connected through chisel without much effort, but now I can’t make the C*****e exploit work… I tried so many payloads and so many changes on the file and none of them seems to connect. Can anyone help me?
I feel like I’m very close to the root flag (well, I hope so hahaha)

To reiterate the other comments in this thread:

  • Check you are using the right exploit (there is more than one)
  • Check the service is still running
  • Check the shellcode is correct