Official Luanne Discussion

alright so silly me looking through the man pages
https://man.netbsd.org/NetBSD-9.0/****
Thanks @r0m4r10 @bw00lley for the support here, definitely was on the right track but routinely missed the critical nugget to show me the answer in my online research

foothold: already discussed is depth, burp can also help here (there is a plugin that will help)
user: man oh man, what a journey huh?? oddly enough, the “dev” version has your foothold patched, but there is another way in…understand what the service is running, how, and why (this was the challenge for me, i misread the manual, no not that manual, the other manual!..)

root: this phase is very specific to the OS, enum will find the artifacts you need, but youre not done yet…what you have and what you think it can be used for is correct, but you cant get there through the normal way, you need to find a different command. - for me the man pages screwed me over, but while searching you will find the hints you need in your research results.

@b1narygl1tch said:

Why are you all write these useless “Rooted”, “Finally rooted”, etc.? Do you really think anyone cares about it? Please, stop kissing yourself and start be more informative. Give some hints regarding machines. That would be really helpful, instead of your narcissism.

So, generally, they are people, at the very least identifying that they can help others if needed - but most of the time all the hints are already in the thread. For lots of people it is also a nice way to share their excitement and feeling of success.

Complaining about other people’s posts is rarely useful and insulting everyone else feels like an odd way to encourage more helpful posts.

The narcissistic posts are the ones which say “this box was so easy” or “I did it in three seconds” or “rooted this shitty box”/“rooted this useless box.” That is people trying to show how superior they are to the box, people who say “It took me months but I finally rooted this box” are most certainly not boasting.

Type your comment> @TazWake said:

@b1narygl1tch said:

Why are you all write these useless “Rooted”, “Finally rooted”, etc.? Do you really think anyone cares about it? Please, stop kissing yourself and start be more informative. Give some hints regarding machines. That would be really helpful, instead of your narcissism.

So, generally, they are people, at the very least identifying that they can help others if needed - but most of the time all the hints are already in the thread. For lots of people it is also a nice way to share their excitement and feeling of success.

Complaining about other people’s posts is rarely useful and insulting everyone else feels like an odd way to encourage more helpful posts.

The narcissistic posts are the ones which say “this box was so easy” or “I did it in three seconds” or “rooted this shitty box”/“rooted this useless box.” That is people trying to show how superior they are to the box, people who say “It took me months but I finally rooted this box” are most certainly not boasting.

Not boasting, just flooding with useless messages. And yes, there are really useless boxes/tasks that don’t require anything except bruteforcing, for example. I’ll just describe what is a good post from my point of perspective: “Rooted! Feel free to contact me. Here are some hints: user… root…” That’s the useful post.

@b1narygl1tch said:

Not boasting, just flooding with useless messages. And yes, there are really useless boxes/tasks that don’t require anything except bruteforcing, for example. I’ll just describe what is a good post from my point of perspective: “Rooted! Feel free to contact me. Here are some hints: user… root…” That’s the useful post.

Awesome - I look forward to seeing you lead by example on that. Until then, you can continue to make the posts you think should go into a thread and so can other people.

Type your comment> @TazWake said:

@b1narygl1tch said:

Not boasting, just flooding with useless messages. And yes, there are really useless boxes/tasks that don’t require anything except bruteforcing, for example. I’ll just describe what is a good post from my point of perspective: “Rooted! Feel free to contact me. Here are some hints: user… root…” That’s the useful post.

Awesome - I look forward to seeing you lead by example on that. Until then, you can continue to make the posts you think should go into a thread and so can other people.

You can check my previous posts at least. I always tried to be informative.

@TazWake @b1narygl1tch i find that even the “useless messages” are still somewhat helpful. When i am strugging, I certainly take some solice in seeing that the people that solved these challenges quickly were very experienced so it makes sense why i am having a hard time. I’ve learned that experience really does take you a long way in this field, and htb works to help educate and fill the gap, so all comments are helpful to me (even if just a little). But to @TazWake’s point, i certainly have reach out to some of those people that just said “rooted” and they’ve been very helpful with minor nudges or just confirmed that i was on the right path.

Hi,
This is my first box. I am starting to thing that maybe I make the wrong choice. I found things, of course. Some places to visit and I found out how to say moon in portuguese . I wonder if this is the way to find my initial foodhold via l** lang****. I’ve ran out of ideas but before continuing I want to know if it is a hole rabbit or not. Thanks for your help.

@j4M35B4r0N said:

Hi,
This is my first box. I am starting to thing that maybe I make the wrong choice. I found things, of course. Some places to visit and I found out how to say moon in portuguese . I wonder if this is the way to find my initial foodhold via l** lang****. I’ve ran out of ideas but before continuing I want to know if it is a hole rabbit or not. Thanks for your help.

I got initial foothold via that technology.

Type your comment> @TazWake said:

@j4M35B4r0N said:

Hi,
This is my first box. I am starting to thing that maybe I make the wrong choice. I found things, of course. Some places to visit and I found out how to say moon in portuguese . I wonder if this is the way to find my initial foodhold via l** lang****. I’ve ran out of ideas but before continuing I want to know if it is a hole rabbit or not. Thanks for your help.

I got initial foothold via that technology.

thanks. This morning luanne talk me via IC**. I guess I am close.

thanks. This morning luanne talk me via IC**. I guess I am close.

I am also noob to HTB - I am at the point where i need to get to this type of dialog exchange , did some searching on the topic including looking at platform capabilties but found no apparent specific direction to take - any nudge or DM welcome -thanks

Type your comment> @Ca55p0P said:

thanks. This morning luanne talk me via IC**. I guess I am close.

I am also noob to HTB - I am at the point where i need to get to this type of dialog exchange , did some searching on the topic including looking at platform capabilties but found no apparent specific direction to take - any nudge or DM welcome -thanks

false alarm. Not the kind of talking I expecting :frowning:

Spoiler Removed

@AlPasta said:

Got the user flag but only because of an hint. I am pretty curious tho : how did you guys knew that the U***d** module was activated on the web server, so you could get the user flag after some local authorized browsing ?

I am not sure this was my approach. I tried things, found an error condition which implied RCE was possible, so RCE’d.

Type your comment> @TazWake said:

@AlPasta said:

Got the user flag but only because of an hint. I am pretty curious tho : how did you guys knew that the U***d** module was activated on the web server, so you could get the user flag after some local authorized browsing ?

I am not sure this was my approach. I tried things, found an error condition which implied RCE was possible, so RCE’d.

RCE for going from initial shell to user? The vulnerability was patched when I tried

Type your comment> @crankyyash said:

Type your comment> @TazWake said:

@AlPasta said:

Got the user flag but only because of an hint. I am pretty curious tho : how did you guys knew that the U***d** module was activated on the web server, so you could get the user flag after some local authorized browsing ?

I am not sure this was my approach. I tried things, found an error condition which implied RCE was possible, so RCE’d.

RCE for going from initial shell to user? The vulnerability was patched when I tried

Didn’t notice another way from initial shell to user, but it doesn’t seem to matter if it has been patched. For the non-patched (intended) way, did you just try things kind of randomly, or did you have a specific thought process ?

Sorry for all the questions, I’m still kind of reluctant to progress in the box without understanding completely what I’m doing

EDIT : answered my own question, there was actually a clue on the system

@crankyyash said:

RCE for going from initial shell to user? The vulnerability was patched when I tried

I am not sure we are talking about the same thing. My first shell gave me the user flag. Before then it was RCE against the web service. This was working on Dec 20th.

I’m stuck on foothold, I saw r****.t 'harvesting c***’ but dont know what to make of that any nudge?

@C4P7A1NFlint try using a directory crawler on what r____s.t_t_ tells you about

Type your comment> @jw0 said:

@C4P7A1NFlint try using a directory crawler on what r____s.t_t_ tells you about

Thanks! I found some that returns a list of some places…Tried different strings in that entry no luck any nudge is kindly welcome

Type your comment> @C4P7A1NFlint said:

Type your comment> @jw0 said:

@C4P7A1NFlint try using a directory crawler on what r____s.t_t_ tells you about

Thanks! I found some that returns a list of some places…Tried different strings in that entry no luck any nudge is kindly welcome

Instead of asking the program for information, trick it into doing what you say :wink: