Official Seventeen Discussion

system · May 28, 2022, 3:00pm

Official discussion thread for Seventeen. Please do not post any spoilers or big hints.

rocksxebec · May 29, 2022, 3:42am

Can anyone help with a nudge for foothold? I’ve found the initial creds and am able to login to a service. But the endpoints on the service don’t seem to work beyond the basic page. Am I going down a rabbit hole?

Hoze · May 29, 2022, 3:33pm

Can someone give hint on where do i find user.txt?

Hoze · May 29, 2022, 3:34pm

Have you got she**?

Leighlin · May 29, 2022, 6:33pm

Yea Im at geting root right now

johjohjoh · May 30, 2022, 9:17am

Any nudge for root? I know I need to publish something to v********, but can’t get creds for it

kitnge7 · June 1, 2022, 11:25am

hey i am new can anyone guide me what to do
i

xslsystem · June 2, 2022, 4:36am

I use sqli in s***** m******* on release machine and work fine, but now doesnt work ;(

cmoon · June 2, 2022, 5:53pm

Man, this box is starting to really annoy me. Got an initial shell but then if I try the exact same method again I’ll get forbidden errors on the shell… Changing the file extension and it loads just fine but doesn’t execute. Quite annoying

Helix · June 7, 2022, 5:35pm

Hey someone can help me a little bit? Im stuck to get the first shell

cptphil · June 11, 2022, 3:05pm

need first step please help

binho1337 · June 29, 2022, 12:05am

i get user flag if anyone need help send me a message

CtrLC94 · July 26, 2022, 2:33pm

Is there anyone who has an hint on how to get from m*** to k*** for root? I tried to enumerate using the usual tools but nothing seems viable for lateral movement. Am I missing something?

HackSh00t · July 28, 2022, 8:25am

Could someone DM me a nudge for getting from m*** to k*** user?
I’m kinda stuck at this point and don’t know what to do

DocD · August 2, 2022, 3:36am

I don’t understand. Stuck on root. Is this supposed to be Log4j exploit? Startup script itself is not exploitable>:-(.

BluesyPompanno · August 4, 2022, 10:09am

Can anybody give me a little nudge ?

I have discovered the second DN* the em.se****.htb, I also know there is /v—r
directory but I can’t acces it, I can’t access any directory that I got from gobuster/dirbuster all I am getting are 404 errors or access denied.
I have also discovered the ./?p*****, but I have no idea how to go further

h3llh0und · August 12, 2022, 7:02am

For those attempting to go from m*** to k***, (@HackSh00t, @CtrLC94 and others), take a close look at DB credentials on Node modules on m***. Same idea, different place.

CtrLC94 · August 12, 2022, 1:02pm

I’ve been searching in the app node modules already and got nothing. The only place that I’m missing is the module that can’t be accessed. Are those creds hidden in a completely different place?

hb86125295 · August 21, 2022, 5:47am

Hello Mates!!
Is there anyone got root? I reached to the last k__i user and got what to look for LPE but everything seems dead end. Please DM… It has been 1 week stuck on this point.

jimididit · August 21, 2022, 8:35am

same. so close to having root. Pretty frustering

Topic		Replies	Views
Official Undetected Discussion Machines	62	5610	June 27, 2022
Official Developer Discussion Machines	26	2721	January 10, 2022
Official Explore Discussion Machines	111	12767	November 16, 2024
Official CozyHosting Discussion Machines	205	14778	March 30, 2024
Official Resource Discussion Machines	153	4558	November 23, 2024

Official Seventeen Discussion

Related topics