Is it only me or someone else also facing issue during initial shell?? the shell stops responding after 20 seconds and page also says server not found. Is the box unstable?( i am free user)
@kragle said:
Is it only me or someone else also facing issue during initial shell??
I never experienced this.
the shell stops responding after 20 seconds and page also says server not found. Is the box unstable?
Server not found is a sign that something is wrong. I’d lean towards it being a problem with the connection at first though, however it might be someone resetting the box because they don’t know how to attack it.
dont execute the the file as you… otherwise you will get shell as you only . alright guys 
Interesting use of m********e, don’t ‘bash’ your head in over root. Foothold /user was simple and has been done a million times if you have done any of the starting point/academy or any real life pentest’s or web app testing. As someone mentioned already, the trick here is to use his own tools against him/the site/server.
As he sits alone in his moms basement, yelling for hot pockets and redbull, ddos’ing wordpress sites of kids at school that picked on him.
Just rooted - it was pretty easy, partly enjoyed it but had a lot of trouble with getting reverse shell and coming back to it - did reverse work randomly only for me or this machine is overload or something today?
Type your comment> @Kherbi95 said:
Just rooted - it was pretty easy, partly enjoyed it but had a lot of trouble with getting reverse shell and coming back to it - did reverse work randomly only for me or this machine is overload or something today?
you are right. some issues are there for initial shell. felt the same 
. maybe because we are free users
I have vip 
Type your comment> @ala76nl said:
Hi dont know what I am doing wrong but my reverse shell does not get the other user. Anyone that wants to point me in the right direction?
Same here. I tried about 20 times…
@d0pp3lg4n63r said:
@ala76nl said:
Hi dont know what I am doing wrong but my reverse shell does not get the other user. Anyone that wants to point me in the right direction?
Same here. I tried about 20 times…
Make sure to NOT run the script yourself. Wait for the system to run it for you.
Hi folks… I’ve problem with ScriptKiddie. When Im uploading file there is nothing happening on nc also webpage returns error “Something went wrong”, I have no ida whats goin on… Im using KaliLinux on VirtualBox, any ideas? please?
Hello, i am stucked trying to get the user, i have figured it out that i can only execute 3 commands on the system, i am trying with the venom option but i cant make it works. I would appreciate any help please
@Nailea said:
Hello, i am stucked trying to get the user, i have figured it out that i can only execute 3 commands on the system, i am trying with the venom option but i cant make it works. I would appreciate any help please
You are sort of on the right path. Look at all the options and maybe do some googling around exploits on them.
Then follow the information detailed.
Can someone give me a nudge on getting the p** user? Have found a script but no idea how to exploit it.
connection keeps on getting cut off,anyone facing same issue?
Hey I am stuck moving from one user to the other, I believe I have the correct command now based on hints here and tiral/error but I can not write to the file anymore. I wrote successfully last night and 1 time this morning but I think my command was bad so i want getting execution. Can someone DM to at least verify my command is correct? That way if it chooses to let me write to the file I know what I am injecting is correct.
EDIT: I finally got lateral movement, i had get a much more stable shell to be able to edit the file with a tool I couldn’t use with the original exploit. Rooted shortly after!
@MrNiceGuy said:
Hey I am stuck moving from one user to the other, I believe I have the correct command now based on hints here and tiral/error but I can not write to the file anymore. I wrote successfully last night and 1 time this morning but I think my command was bad so i want getting execution. Can someone DM to at least verify my command is correct? That way if it chooses to let me write to the file I know what I am injecting is correct.
Are you using echo "YOURSTUFF" >> file ?
Type your comment> @mementovivere said:
Okay, rooted the box. Moving laterally to the user with more privileges was by far the hardest part, simply because of some bash shenanigans. For anyone wondering why they aren’t able to get a shell for the p** user, make sure the beginning of your command of your payload has multiple spaces in it. I had to insert 4 spaces for it to actually work for me… Took me 3 hours bashing my head in, thinking I had a typo in my payload… nope just needed some spaces lol
Anyway yeah, nice fun box, thanks @0xdf
welp, that worked for me. I uh, have absolutely no clue why SPACES fixed it, this aint python. Anyone with better xp in bash wanna enlighten us plebeians?
Type your comment> @Necrownomicon said:
Type your comment> @mementovivere said:
Okay, rooted the box. Moving laterally to the user with more privileges was by far the hardest part, simply because of some bash shenanigans. For anyone wondering why they aren’t able to get a shell for the p** user, make sure the beginning of your command of your payload has multiple spaces in it. I had to insert 4 spaces for it to actually work for me… Took me 3 hours bashing my head in, thinking I had a typo in my payload… nope just needed some spaces lol
Anyway yeah, nice fun box, thanks @0xdf
welp, that worked for me. I uh, have absolutely no clue why SPACES fixed it, this aint python. Anyone with better xp in bash wanna enlighten us plebeians?
From what i can make out the spaces are needed as the sc*******.sh cuts the line by a space delimeter this would cut our payload line so i would be unusable the spaces make sure its still in tact after the cut line.
![Foalma321] (https://www.hackthebox.eu/badge/image/74636)
Type your comment> @foalma321 said:
Type your comment> @Necrownomicon said:
Type your comment> @mementovivere said:
Okay, rooted the box. Moving laterally to the user with more privileges was by far the hardest part, simply because of some bash shenanigans. For anyone wondering why they aren’t able to get a shell for the p** user, make sure the beginning of your command of your payload has multiple spaces in it. I had to insert 4 spaces for it to actually work for me… Took me 3 hours bashing my head in, thinking I had a typo in my payload… nope just needed some spaces lol
Anyway yeah, nice fun box, thanks @0xdf
welp, that worked for me. I uh, have absolutely no clue why SPACES fixed it, this aint python. Anyone with better xp in bash wanna enlighten us plebeians?
From what i can make out the spaces are needed as the sc*******.sh cuts the line by a space delimeter this would cut our payload line so i would be unusable the spaces make sure its still in tact after the cut line.
![Foalma321] (https://www.hackthebox.eu/badge/image/74636)
that makes, SO much more sense! thanks! Somehow I kinda forgot that context, and was focusing way too hard on the payload itself, rather than where / how it could get manipulated. Guess it just goes to show, always read everything!
Extremely fun box. Foothold was super easy, lateral movement took me several hours. Apparently, 3 spaces weren’t enough, just keep adding them if you can’t figure it out. Root took only a few minutes. Glad to see a machine with less “needle in the haystack” tendency.