Official Sightless Discussion

HTB Content Machines
90

yes

91

Heya, I am kinda stuck on where to do the injection - I assume that the subdomain webapp thing, but I donā€™t have a connection there so itā€™s kinda not doing anything? do I need to setup like a mock connection there? Iā€™m kinda confused :smiley:

92

Busca en youtube descencriptar s

93

yes. take a closer look at the links.

94

Did you enter it into your /etc/hosts?

95

yes, I can open the website and opened the subdomain website. But that subdomain website doesnā€™t have much in it and idk where to inject, I tried the obvious and didnt work :((

96

Take a look around, try find version numbers ect

97

I get the whole combining of certain files, got it, but simply canā€™t decrypt the pass for a certain user. Itā€™s just running forever

98

Does someone can dm me to explain ?

1 Like
99

Read the source. Follow the lines of code, and you shell find the path.

100

I am one step after that. Looking in the shadows

1 Like
101

Fun and super easy box, took me more hard times to find the time to do it than actually doing it, I did had some formatting issues on the B***d X because Iā€™m blind and did not see one crucial thing to modify, and wanted to do it the intended way with the actual POC instead of the other faster way. But overall fun and easy. Happy Hacking! dm me for tips here, in Matrix or Usenet.

TIP: for Froxlor, find a crucial server status to see if your payload is workingā€¦ or at least is been run, will help you a lot.

2 Likes
102

Finally Rooted
Very fun Easy box, maybe I also found root a bit twisted close to a Medium
I dont know if mine was the intended path but seems like it since what I found was not at plain SIGHT :wink: And also everything I abused was straightforward you only have to look over and overā€¦

Feel free to DM for a hint if you are stuck

4 Likes
103

Any hints for the docker escape? Iā€™m root, but unsure how to escape

105

Some hint on root please?

106

Search in the shadows of the box when you enumerate. And yes, that is a real hint :slight_smile:

8 Likes
107

How do you find the CVE for that subdomain found. I donā€™t understand what you search to find it.

1 Like
108

Look around for version numbers

109

is it right to use hashcat for PE?

1 Like
110

Iā€™m getting the same, even in the docker instance, have you figured it out?