Official Omni Discussion

^ ^ got shell - thanks @gunroot!

Rooted !! thanks @gunroot and @TazWake for the tips !! I did the same today and all worked right … I learned new things with this machine thanks @egre55 !!

Type your comment> @gs4l said:

Type your comment> @H4FN said:

I´m stuck even after login with user and password when I try to import the flags I have this error Error occurred during a cryptographic operation. and before I had this message Access to the path ‘***********’ is denied.
I did all my research and look that I must import but I have those errors :frowning:

am I missing something else or cryptographic operation is not working properly ?

If you store your password encrypted in a file, would you let anyone to decrypt it? ?

yeaah I was blind focused only on decrypt it !! :sweat_smile: !! new things with powershell for me !

How is that box ranked easy ?! This is a pretty rare OS, and you need to use a pretty obscure tool, with pretty uncommon techniques.

Mmmmm

“ImportError: No module named hexdump”
Any one has the same problem…

@Jk3r said:

“ImportError: No module named hexdump”
Any one has the same problem…

pip3 install (modulename) is normally a good solution, unless you absolutely must use python2 then pip2 install (modulename) helps.

Type your comment> @TazWake said:

@Jk3r said:

“ImportError: No module named hexdump”
Any one has the same problem…

pip3 install (modulename) is normally a good solution, unless you absolutely must use python2 then pip2 install (modulename) helps.

Thank you bro !! finally worked =D

Been out of this game for a while - thought I’d start with an easy box…mm - easy? Foothold is easy enough, but this file/s I am supposed to decrypt…how do I find them if I am just my lonely kind of “default” guy…??? And not an “omni” guy - default guys have access to NOTHING - it seems…so how do I find what I am looking for with limited access? Tried “-Forcing” PS and to produce “hidden” stuff too, tried to see what attributes may lead me to success with cmd line - but nada…any hints?

@c140 said:

Been out of this game for a while - thought I’d start with an easy box…mm - easy? Foothold is easy enough, but this file/s I am supposed to decrypt…how do I find them if I am just my lonely kind of “default” guy…??? And not an “omni” guy - default guys have access to NOTHING - it seems…so how do I find what I am looking for with limited access? Tried “-Forcing” PS and to produce “hidden” stuff too, tried to see what attributes may lead me to success with cmd line - but nada…any hints?

This might help: Official Omni Discussion - Page 7 — Hack The Box :: Forums

I’m having trouble with a foothold. i got what i wanted on the machine, got it to say hello, then it says goodbye after a few seconds…bad kitty.

Rooted! After the initial script gets working, its free flow from there. Feel free to ask if you have any problems.

OK nice box!! Was rusty as, so I needed some prodding…but it was fun! Probably a bit higher than easy. Not sure, 'cause as I said, low brain power for htb at present. But: Big Thanks to TazWake for the great targeted comments. Also cheers to Andres7ll & gs4l for hints, and mindframe for link.

Rooted this machine last night.
Thanks @gunroot and @TazWake for the nudges
It was great easy box.Learnt few neat tricks for powershell.
For the people who are struggling for intial foothold, look at the nmap scan.
It tells you something, google that something and you will know what it is. Now you just have to google what you want for that.

PM if you need help

Just rooted Omni. The enumeration part has taken me the longest time. After I’ve found the file with the credentials, I could own this box within 10 minutes. If you need help => DM me.

Root it, but hate it. This machine is doable. A little bit of research on Google may tell you what to do. Exploit of this box is easy to find. To use it correctly though, is kinda hard. user.txt and root.txt are not very common to get. If 0-box-owned users select this box to be their first box. They definitely stop doing HackTheBox LOL. Happy Hacking!

Rooted, this was definitely not an easy box.

Initial enumeration was annoying, but seeing hints about IoT led to a quick and easy exploit to get a foothold - after that, enumeration was more trial and error.

After user.txt obtained, root is almost exactly the same and took no time at all.

Type your comment> @choupit0 said:

Tip: if you get the message “The system cannot execute the specified program.” each time you try to get a rev shell… you have to take the right version of nc64.exe (and think to try all the options of the script found). I lost a lot of time because of this…

PM me if you need a link.

I owe you my life!!! i have been stuck on this for so long now

Type your comment> @Jk3r said:

Type your comment> @TazWake said:

@Jk3r said:

“ImportError: No module named hexdump”
Any one has the same problem…

pip3 install (modulename) is normally a good solution, unless you absolutely must use python2 then pip2 install (modulename) helps.

Thank you bro !! finally worked =D

I’m still stuck with hexdump, could you give some tips how did you manage it to get to work?
It shows me that hexdump is installed but still get that error.
Thks

@Tu4r3g said:

I’m still stuck with hexdump, could you give some tips how did you manage it to get to work?
It shows me that hexdump is installed but still get that error.
Thks

A possible cause for this is running pip3 then python2 or vice versa. What this means is that if pip defaults to (say) pip3 when you run it, it installs things for python3. Then if you try to run a script with python2 the module isn’t available but pip thinks it is.

You might be able to get round this with explicit version numbers.

You could try pip3 install --upgrade --force-reinstall <package> and pip2 install --upgrade --force-reinstall <package>

(or whatever works to get both versions of pip running on your system)