Official Inject Discussion

system · March 11, 2023, 3:00pm

Official discussion thread for Inject. Please do not post any spoilers or big hints.

n3k7ar · March 11, 2023, 5:09pm

hello, is it available already? because i get network error when spawning

Kaggurra · March 11, 2023, 5:09pm

errors here aswell

R4z3rSw0rd · March 11, 2023, 5:09pm

yeah me too

rootxran · March 11, 2023, 5:12pm

same here

Funhackz · March 11, 2023, 5:32pm

Do you still have problems ? My error message is Machine is not yet available.

Yovecio18 · March 11, 2023, 5:33pm

Same here… even by trying other VPN profiles

Edit: I see that machine is up from 19 utc, so I have to wait a bit

JK1706 · March 12, 2023, 3:09am

The topic name is injection, but I can’t find the injection point, there is only one place to upload, but it is restricted by many suffixes，which brother can do it ，please PM me

XSSDoctor · March 12, 2023, 3:27am

For me, at least, this was not “easy”. It took me about 8 hours to root.

That being said, I absolutely loved it. I learned a lot and had a lot of fun. Great box!

UtopiousSpoon · March 12, 2023, 3:48am

Is anyone having problems accessing this machine? I have added inject.htb to my hosts. I can’t access it over IP or url. When I ping it, it’s up and running. I can run nmap on it, but I can’t access the web page?

rohit · March 12, 2023, 3:56am

Check your nmap results carefully

jakechakola · March 12, 2023, 4:00am

check the port

UtopiousSpoon · March 12, 2023, 4:03am

Thanks guys. Weirdly I did try the port and it didn’t resolve. I tried it again now and it worked. Thanks for the fast responses!

Paradise_R · March 12, 2023, 4:04am

Took some time, but finally could complete this machine

It is not the hardest, just has some unknown vulnerabilites, privilege escalation was considerably easier, all the payloads are easy to find on internet, and even arriving late, it was still possible to complete it in little time falling in just one rabbit hole only because I forgot something, I would say it is an easy one

But aside from everything, if someone ends up needing help, you can surely send me a message, R is always here

robinas · March 12, 2023, 8:02am

This box was not that easy from the outset.
Testing the webapp for all functionality, leads you to find something that you can control to get an unintended output.
But this is not the targeted path (spent quite some time here), it’s there for you to enumerate the underlying web application itself. (If you use the wappalyzer extension, you will notice it doesn’t have much to show). @Paradise_R mentions this above, once you realise what it is look for vulns that came out together. Where one got overshadowed by the later one.

Path to root was pretty easy once you see what is being done automatically and what you can do as user.

nga1hte · March 12, 2023, 9:50am

Gain as much information as you can about the services that are running, their version, running as what user, then google is your friend. Easy machines are pretty straight forward and there are less rabbit hole.

Sandlot · March 12, 2023, 10:53am

It’s not an upload vulnerability right?

Yovecio18 · March 12, 2023, 11:13am

–nothing–

qwerty · March 12, 2023, 3:01pm

Got user. I’m not that good at PrivEsc. Can anyone DM me for hints to root?

MFarooqS · March 12, 2023, 3:35pm

please…