Official Busqueda Discussion

DeadParr0t · May 6, 2023, 9:32am

Cool box, quite easy if you’re familiar with Python.
I think a lot of solid hints (… and massive spoilers …) are already in this thread, but if you need a hand, feel free to DM.

4CC1N4 · May 6, 2023, 11:41am

I got the same problem, tried resetting the box as well.
Anyone know a workaround?

4CC1N4 · May 8, 2023, 7:15pm

Nvm, was just me who had saved the config file in /etc/hosts in the wrong format…

Bugbounty · May 9, 2023, 1:38am

Hey everyone, I’m pretty new to this, and I am needing a little help. I am stuck on privesc. Been trying multiple things and I know it is something I am doing incorrectly. I have tried modifying a certain script (perm denied) and setting my own (doesn’t stick ends up disappearing) and I am out of ideas. If someone could dm me with a nudge, I would appreciate it. I have used flag. Have a shell with account I found. Thanks in advance!

EDIT: Spent days on root, Finally was able to get it. DM if you need help for either, If you are stuck with privesc, you won’t be able to change things as before. Might have to make the call to what you make from where you can…

CaptLevi0408 · May 12, 2023, 1:08am

New to hacking. I understand how to acquire root and I have all the valid credentials to access the gitea.searcher.htb subdomain but I have one problem. I CANT ACCESS THE SUBDOMAIN. I have modified my /etc/hosts file so many times that I cant even begin to count. Anyone know what my issue could be? I feel like I am nuking it.

otter · May 12, 2023, 8:27am

dm

RealCereal · May 15, 2023, 4:28pm

For the love of god… a missing #!/bin/bash in the hijacking had me stuck for hours in privesc!!!

m0h4md · May 16, 2023, 9:06am

Hello, I’m in real need of help I’m stuck in privesc and I’ve been trying for hours without any progress. Tell me what you did so I can solve it too plz

BenKen · May 16, 2023, 9:07am

Simple#3503

m0h4md · May 16, 2023, 6:04pm

What do u mean?

shroomies · May 18, 2023, 4:41pm

■■■■…don’t forget to chmod for your privesc

mindt102 · May 20, 2023, 9:12pm

The source code hint kinda makes me confused. I would suggest an alternative approach following lim8en1’s hint and try to correct what’s not wrong. Beside that, others hint are super helpful, tysm

machliManav · May 23, 2023, 5:37am

Is there any problem with the box? Either it takes too long to load or it does not load at all.

machliManav · May 25, 2023, 7:34am

Rooooted…! with lots of helps from here and there.

fernx2023 · May 26, 2023, 7:48pm

Pawned it!! honestly all the help you’d need is in the thread. Don’t hesitate to DM me if you need a nudge though

Yechiel · May 30, 2023, 9:25am

0b1000010 · June 1, 2023, 5:53pm

So I’m starting on this box, noticed port 80 open and wanted to visit the website. I’m getting a ‘unreachable’ error even after I added the targets ip into /ect/host. Anyone any tips?

Harshad07 · June 4, 2023, 4:09pm

thanks for your hint, I was able to focus on the src code and then it was super clear like everyone said.

duja446 · June 9, 2023, 6:15pm

Just pwned. DM me if you need help.
For user: understand the exploit and modify the payload a little
For root: read the script thoroughly

Arty06 · June 10, 2023, 11:40am

hey can you help me ? Im stucked,ive done all my scans but come up with nothing