Official Busqueda Discussion

Cool box, quite easy if you’re familiar with Python.
I think a lot of solid hints (… and massive spoilers …) are already in this thread, but if you need a hand, feel free to DM.

I got the same problem, tried resetting the box as well.
Anyone know a workaround?

Nvm, was just me who had saved the config file in /etc/hosts in the wrong format…

Hey everyone, I’m pretty new to this, and I am needing a little help. I am stuck on privesc. Been trying multiple things and I know it is something I am doing incorrectly. I have tried modifying a certain script (perm denied) and setting my own (doesn’t stick ends up disappearing) and I am out of ideas. If someone could dm me with a nudge, I would appreciate it. I have used flag. Have a shell with account I found. Thanks in advance!

EDIT: Spent days on root, Finally was able to get it. DM if you need help for either, If you are stuck with privesc, you won’t be able to change things as before. Might have to make the call to what you make from where you can…

New to hacking. I understand how to acquire root and I have all the valid credentials to access the gitea.searcher.htb subdomain but I have one problem. I CANT ACCESS THE SUBDOMAIN. I have modified my /etc/hosts file so many times that I cant even begin to count. Anyone know what my issue could be? I feel like I am nuking it.


For the love of god… a missing #!/bin/bash in the hijacking had me stuck for hours in privesc!!! :dizzy_face:

Hello, I’m in real need of help I’m stuck in privesc and I’ve been trying for hours without any progress. Tell me what you did so I can solve it too plz


What do u mean?

■■■■…don’t forget to chmod for your privesc :sweat_smile:

1 Like

The source code hint kinda makes me confused. I would suggest an alternative approach following lim8en1’s hint and try to correct what’s not wrong. Beside that, others hint are super helpful, tysm

Is there any problem with the box? Either it takes too long to load or it does not load at all.

Rooooted…! with lots of helps from here and there.

Pawned it!! honestly all the help you’d need is in the thread. Don’t hesitate to DM me if you need a nudge though

1 Like

So I’m starting on this box, noticed port 80 open and wanted to visit the website. I’m getting a ‘unreachable’ error even after I added the targets ip into /ect/host. Anyone any tips?

thanks for your hint, I was able to focus on the src code and then it was super clear like everyone said.

Just pwned. DM me if you need help.
For user: understand the exploit and modify the payload a little
For root: read the script thoroughly

hey can you help me ? Im stucked,ive done all my scans but come up with nothing :cry: