Official Fuse Discussion

really stuck after getting the (hopefully complete) userlist. any nudge on getting password(s) would be appreciated :slight_smile:

Type your comment> @theonemcp said:

really stuck after getting the (hopefully complete) userlist. any nudge on getting password(s) would be appreciated :slight_smile:

same here

Rooted both User and Systemā€¦User is not who you think it isā€¦

man this initial foothold is really kicking my ā– ā– ā–  lol seems like we only really have access to one thing and its a very basic thing that doesnā€™t seem to expose any useful info other than a few usernames. Canā€™t find any public exploits regarding it and even tried installing it on my own machine to explore, but the only interesting files there are not accessible on the HTB machine. Struggling to understand where people can have found credentials

Type your comment> @VbScrub said:

man this initial foothold is really kicking my ā– ā– ā–  lol seems like we only really have access to one thing and its a very basic thing that doesnā€™t seem to expose any useful info other than a few usernames. Canā€™t find any public exploits regarding it and even tried installing it on my own machine to explore, but the only interesting files there are not accessible on the HTB machine. Struggling to understand where people can have found credentials

pb. :wink:

Type your comment> @VbScrub said:

man this initial foothold is really kicking my ā– ā– ā–  lol seems like we only really have access to one thing and its a very basic thing that doesnā€™t seem to expose any useful info other than a few usernames. Canā€™t find any public exploits regarding it and even tried installing it on my own machine to explore, but the only interesting files there are not accessible on the HTB machine. Struggling to understand where people can have found credentials

Iā€™m stuck at the same situation, I have usernames but I have no idea how to use them. Nothing seems to work. Any nudge would be appreciated!

I have found ā€œvalidā€ credentials, but not sure how Iā€™m supposed to leverage themā€¦

User Flag in the booksā€¦

And away we go @user0n3 @SanderZ31 ā€¦ Lets see how long it takes to get a root flag. <poured myself a tall beer because i am sure this will be a long bumpy ride!>

Root- done.

Got user but struggling to pass to the second userā€¦ Anybody has a nudge?

Spoiler Removed

On my way to root! Kudos @SanderZ31 !

Yeah Iā€™m also in the same boat.

I have usernames and have exhausted my options. Even been checking past machines! Nothing seems to work. Any nudge would be appreciated!

Is it just me or does something constantly reset the passwords of the account(s) that we have a password for? The passwords need to be changed, so I change the password and can successfully access some things but literally 20 seconds later it has changed back. I assume this is to make sure the box stays functional, but its making it super awkward to actually get anywhere for me and I feel like Iā€™m cheesing it by resetting the password every few seconds. Doesnā€™t feel like the intended pathā€¦

Rooted! Cool box, enum has to be decent to get foothold. Enjoyed the privilege escalation part - a neat trick for real world if it comes up.

@VbScrub said:

Is it just me or does something constantly reset the passwords of the account(s) that we have a password for? The passwords need to be changed, so I change the password and can successfully access some things but literally 20 seconds later it has changed back. I assume this is to make sure the box stays functional, but its making it super awkward to actually get anywhere for me and I feel like Iā€™m cheesing it by resetting the password every few seconds. Doesnā€™t feel like the intended pathā€¦

I wrote a script that automates the changing part and then this allows you to use the credential for open services. Once you are connected, you donā€™t need the password.

@pudii said:
I wrote a script that automates the changing part and then this allows you to use the credential for open services. Once you are connected, you donā€™t need the password.

Trouble is for me thatā€™s not true. When I access S** or L*** with the new credentials, I get kicked out as soon as the password gets reset. Guess I need to look at connecting in some other way.

EDIT: Managed to just do quick enum between password resets and found the info I needed to get user flag

rooted. Fun box. I have also enjoyed priv escalation.

Cool box, learned some cool new things!

Type your comment> @VbScrub said:

@pudii said:
I wrote a script that automates the changing part and then this allows you to use the credential for open services. Once you are connected, you donā€™t need the password.

Trouble is for me thatā€™s not true. When I access S** or L*** with the new credentials, I get kicked out as soon as the password gets reset. Guess I need to look at connecting in some other way.

EDIT: Managed to just do quick enum between password resets and found the info I needed to get user flag

You can connect by something else :slight_smile:

Root! Required some coding. Fun box!