dm me if you like
SUCH a fun box. dm me if you need help, I thought it was more like a medium box
Permissions do the magic… If you want anything further DM me
I get the shell, but I can't get the user.txt 🤣
Any tips? - I have hash/pwd for user but cannot seem to use them via ssh / su
How did you get the Hash?
rooted that was a very fun box… learned a lot
Rooted!
Awesome box! Learned a lot! Finding root took me some time, but once you are on the right track it will go pretty fast.
Some hints;
User: Take special care with case sensitivity when extracting once you have found an obvious attack vector
Root: Everything you need to know is present in our most beloved vegetable enumeration tool!
Thanks @XSSDoctor @KKK45 and @B1ghead for helping out in the DM's
how 2 get root? is there any hint?
Can someone help me to get user? I have the shell of the victim machine but I can't get the user because I'm www-data
There is another subdomain you need to find. Enumerate there.
Everything seems very common, after www-data and the new host discovery, should I manage to manipulate the ws?
NVM, anybody who found himself in the same thing - suggest you to search for Rayhan's writeup regarding popular attack on websockets
I'm finding the subdomain in /sites-available but trying to navigate to it is not resolving? Am I missing something XXXX/soccer.htb??
Also, my VPN disconnects every 2 minutes, why is that?
You are supposed to see there a new host subdomain that will enable you to register and test another instance.
Yeah I have gathered as much from reading some walkthrough, but XXX.soccer.htb is just not resolving…
Should I add this to XXX/soccer.htb to my hosts file? I tried this, then I am getting a 502 error
Rooted.
User: there is a pretty common way to gain the initial shell, afterwards you should travel around and define your next target that will lead you to the "other" user. The way to gain other user is pretty complicated and all familiar with this technique as I mention before - look for Rayhan's post about the thing, it has a clear python script and walkthrough.
Root: the path to root is clear from the initial shell, search the regular vectors and then try to understand how to manipulate the "sudo" like command, you will need to create certain and dedicated file to this binary.
Not easy machine on my side, but was fun.