If someone needs help in user dm me
Any nudges on processing the XML file, I m not able to figure out how /credit works?
Figured it out. Rooted!
Able to get user and a reverse shell onto the box, but struggling to get rootā¦anyone able to help point me in the right direction. Have seen the hints and watched the video on XXE but always struggled with fully understanding that sort of vuln in some other areas Iāve practiced. Really hoping to have someone nudge me into the first part of the vector for privesc. Thanks.
1 Like
Rooted! Very fun box. If someone wants to talk DM.
Hey, got the user flag. struggling to get a reverse shell tho.
if anyone could help with a technique that works or a direction I will apricate. thanks
i think iāve figured out the BackEnd language
and yet canāt seem to understand how to make the process ā¦
anyone who can help spilling some light? or in dm ?
Hi, Iām completely new to machines. I donāt even know where to start. Can someone give me a small hint?
In order to start, I would suggest to start with old machines that has an wouldtrough attached to it
This will give you a bit of comfort after you will do a bunc of them
Start with the easy ones
Absolutely stuck on this PE. I have found a bunch of interesting files that seem to stick out, but cant piece how they go together or what to do with them
I am able to RCE any commands to the machine, but I am unable to make reverse shell to my machine. I suspect that there is some stupid firewall/network issue with the HTB VPN connection. I am bit stubborn, because I use Windows + Kali on WSL2 (Windows-Subsystem-for-Linux). Have been trying to get the reverse shell to work for three hours. I have never got any reverse shells to work with this setup. plain netcat does connect, but any actual bash communication is not working.
Could someone DM me the command they got the reverse shell to work? With that I can verify that the problem is on the network.
Stuck on priv esc. I have a solid reverse shell from SS**.
Iāve got a rough grasp on the logic for the application and cre***-***** and the data thatās passed between using the .l** file. Unsure how to use the application to read my custom xm* from /tmp. a nudge would be greatly appreciated
No need to go revshell go 22. Something is revealed somewhere.
I PMāed you
iāve done a few already and all the starting point
somewhy my whole message wasnt sendā¦
i have been understand what language to use but cant seem to find the right syntax of itā¦
I was able to get the user flag using the SSTI exploit, but Iām losing my mind in trying to get a reverse shellā¦ Iāve tried everythingā¦ Any help is very appreciated!
Maybe you can upload somethingā¦
1 Like
Can anyone help with privesc I am lost rn. I just have a rev shell.
how else can you get on a linux system without a reverse shell?
1 Like
Maybe you can do it without a revshell. But, I think itās a hard way. To have a rev shell, did you try to put something on the server and execute it ? You donāt have always to achieve this task by typing it on the āpromptā.
1 Like