Hey there, i need a nudge.
I have a shell, and i have to find user1.
I searched around and i find a lot of hashes, none of them is the right one i think because they’re all uncrackable.
can someone help me?
Have you tried hashid? Are you sure they are “hashes” (i.e. are they fixed-length strings which is a good indication that something is hashed).
Hey there, i need a nudge.
I have a shell, and i have to find user1.
I searched around and i find a lot of hashes, none of them is the right one i think because they’re all uncrackable.
can someone help me?
Have you tried hashid? Are you sure they are “hashes” (i.e. are they fixed-length strings which is a good indication that something is hashed).
@CallumJ90
Try resetting the box, might be because of HTBs dynamic flags
Thanks for the reply! Even after resets the website wouldn’t take the flags, it was only through spawning my own release arena instance I was able to submit them (if anybody happens to have the same issue).
Overall really great box, the most fun I’ve had so far!
Done. Root is quite hard as compared to the rest of the box… unusual method for sure. Make sure to check your command if you are getting errors, I’ve wasted hours because of a typo. Many thanks to @Hyp3rDrive for pointing it out.
Anyone else having an issue where the hash for p**l isn’t there? Am i just blind lol
I was a lazy guy and I missed it twice while reading the file. When you have a lot of text in front of you, look carefully, understand what you are looking. It helps a lot
I posted my views on this on the cyber badger and HTB official discords… Good box @ChefByzen … some of it felt a little too CTFy to me but then of course that is the way life works sometimes.
Foothold - some googling will land you at a starting point, some digging will land you at a method to gain access to a low-priv shell. [Pre-made works, but you won’t learn from it. use premade afterwards!]
User - Look at what is available to you with your low-priv shell. Search for juicy files that could net you loot. Trust me, you haven’t looked hard enough yet if you are stuck here. its all available for you.
Privesc - pay attention to what you have access to. attention to detail will get you moving forward
Root - more enumeration and google-fu will land you an article, read up and execute for your soon to be root shell