Official Napper Discussion

HTB Content Machines
42

My payload was this:

1 - I put a gun on my head
2 - push the trigger !!!
3 xD

fkn box

1 Like
43

try to reverse *.exe

44

Time for privesc now
I’m not sure why but e*****c is not running anymore
(at least not open to connection, is this normal or should i reset the box?

45

okey, thanks I’m now dealing with teh fucking payload

46

Finally got the payload working and got user. There is some good advice here on how to proceed, but I would suggest looking around for several options and trying them. Feel free to message for pointers if you’ve been stuck for ages.

Big shout out to @josephalan42 and @FabFromTheSnow for their guidance in getting things working.

6 Likes
47

Anyone care to share a hint for the privesc? I found some files and ran some things, but stuck halfway (I hope)…

48

Hi, hint for those who think they have the right payload for the foothold, but cant get RCE. Even if it works in local setting.

If you are sending the payload via Burp do not forget, that some characters in base64 have special meaning in URL parameters. Encode them.

1 Like
49

small hint for user:

For those that are struggling with certain payload, dont give up, you just need to find a way to make the code RUN, pay attention to the external linked blog post.

4 Likes
50

Can anyone give me a nudge on how to decrypt, I acquired the 2 parts that are necessary for it

52

Rooted !!

3 Likes
53

Yooo I got root!! Thx @josephalan42

2 Likes
54

I am stuck at privesc
i found the .exe file and .e* i got the blb and s**d but I don’t know how to get the password for the b***p user

55

Pwned !!

image
image691×639 99.2 KB

57

Finally rooted, this machine was a pain in the a**.
Eventually I got it!!

58

Man, its so frustranting spent so many time with a misconfiguration payload. It was so many tries that im not sure what is really necessary.
In the end, compiling the payload with x86 was what make it works.

At the moment im discouraged for the root.

1 Like
59

everybody stuck on the payload, I can’t even find the place to put it :exploding_head:
can anybody suggest me what to look for?

1 Like
60

Look the post in the internal domain. The external links have the answer.

1 Like
61

The same has been happening to me

1 Like
62

I finally got backup user but can’t do the final leap tried PSExec but is giving me issues

Edit:
image

Man this was an amazing journey

3 Likes
63

Hi, i’am getting this problem when turning in the root flag, someone have this problem?

image
image935×516 33.7 KB

it didn’t give me any points for the seasson

image2
image21193×87 12.4 KB

2 Likes