Official Monitors Discussion

it looks like the box is just getting alot of resets, people prolly thinking the compiling error will go away if they do (it wont) :sunglasses: :

Hi guys got user… is T****t a rabiit hole or way to go. ?

I have a foothold but cant seem to find anything else useful to get user. I feel like i’m missing something easy but i’ve been poking around on the box all afternoon and no progress towards reading the user flag.

Type your comment> @dr0ctag0n said:

I have a foothold but cant seem to find anything else useful to get user. I feel like i’m missing something easy but i’ve been poking around on the box all afternoon and no progress towards reading the user flag.

A good enumeration of the file system will help you a lot. :wink:

finally rooted, a big thank for @OldProgrammer for the hint :wink:

Rooted. Another challenging box!

Foothold: enumeration will guide you into the right direction. You’ll need to gather all possible information you can. After moved into other places, again enumeration and google will allow you to gain foot into the box

User: basic enumeration

Root: This required some steps, enumerate everything and “listen” carefully. Google has all ingredients that you’ll need.

Thanks for the box!

Very nice box, challenging for me, had some headache with exploiting manually but it was on me. Overall fun time

OK Finally rooted. Root part was fiddly compiler errors etc…and other users leftovers using the generic exploit name,Other than that NIce box.
![Foalma321] (https://www.hackthebox.eu/badge/image/74636)

Wow, this box was definitely a challenge for me. Took me a few days.

Foothold: Enumerate. Once you find it, use it to enumerate even further, and look very carefully, you might miss something important. The last step to get the foothold can be a little frustrating but fight through it because you’re almost there.

User: Basic enumeration. If you get stuck, you might wanna try to look for something specific and really “reach out” for it.

Root: Be like El Chapo. Dig a tunnel and escape.

Rooted. Very nice box.

Spoiler Removed

Feel free to DM if you’re still stuck. > @NO53LF said:

This is a tough one… Found initial vuln and creds pretty quick but been going over the FS for a while and found some interesting stuff but still no indication on where to access it… I see references to Ca*** but brick walled now :confused:

Edit: I found by luck the ci-acc.log and /etc/apa2/sites-av***/mon*****.htb but no alias in there to point to any access… not sure what I’m missing?

Type your comment> @ch13fw0tj said:

Feel free to DM if you’re still stuck. > @NO53LF said:

This is a tough one… Found initial vuln and creds pretty quick but been going over the FS for a while and found some interesting stuff but still no indication on where to access it… I see references to Ca*** but brick walled now :confused:

Edit: I found by luck the ci-acc.log and /etc/apa2/sites-av***/mon*****.htb but no alias in there to point to any access… not sure what I’m missing?

Appreciate it… Got a nudge from a buddy and got user so on to root now!

I can read files, was able to find the directory of the webserver and read the coig files, got creds to m*l. From this point, I can’t find a way forward to create a reverse shell. Nor I can find anything to ssh. I’ve tried everything I know but no luck, and I’m out of ideas now. Someone, please give some hints on how to proceed.

Type your comment> @gs4l said:

I can read files, was able to find the directory of the webserver and read the coig files, got creds to m*l. From this point, I can’t find a way forward to create a reverse shell. Nor I can find anything to ssh. I’ve tried everything I know but no luck, and I’m out of ideas now. Someone, please give some hints on how to proceed.

Same here. Interesting but frustrating.

@gs4l said:
I can read files, was able to find the directory of the webserver and read the coig files, got creds to m*l. From this point, I can’t find a way forward to create a reverse shell. Nor I can find anything to ssh. I’ve tried everything I know but no luck, and I’m out of ideas now. Someone, please give some hints on how to proceed.

@grokgrok said:
Type your comment> @gs4l said:

I can read files, was able to find the directory of the webserver and read the coig files, got creds to m*l. From this point, I can’t find a way forward to create a reverse shell. Nor I can find anything to ssh. I’ve tried everything I know but no luck, and I’m out of ideas now. Someone, please give some hints on how to proceed.

Same here. Interesting but frustrating.

Look for the common files used with the vulnerability. A famous list will help

fell free to Dm me if you are stuck

Wooow that box was really really cool !
It turns out that you don’t need the user part to get root. That got me confused for a while as I was walking the root path unknowingly while trying to get user.
There are a lot of steps from recon to root, but except maybe the very last one, everything relies on having your eyes open and asking yourself the good questions. I can honestly say that if you get stuck on this box it’s only because you haven’t looked at the right place.

That was very enjoyable @TheCyberGeek

Got user, found something potentially promising, but I wonder if this could be a rabbit hole.
Did someone manage to make the exploit for local port 8*** work ? Been trying for some time, but even if the exploits complete, I’ve got no result on my listeners. The clues left in the user directory also seem to point another way, so maybe I’m not on the right track …

EDIT : Not a rabbit hole, an exploit will work for this service. Now I gotta escape from jail

So, after a ton of googling I took a hint and ultimately priv esc’d. I have not been able to connect the automated exploit to the vulnerable webserver when I search for exploits via google. I am wondering what search people used or what specifically they found on the box that led them to the exploit. I am curious about how people made that connection