Overall, pretty nice box.
Foothold was a bit frustrating, too much guesswork for my taste except the exploit parts, both from the foothold and root, these were pretty funny.
So, for the nudges:
Foothold: As said before, read very well the comment that you find somewhere, it actually points to two things: s****.**p and a b****p.
The latter may not be what you think it is, so don’t go too far into a fancy rabbit hole like I did…
Exploit: read what you have obtained. If you don’t know what something does, google it.
You can learn a lot.
User: you don’t even have to enumerate, if you are curious enough about how some parts of the website work… one search can get it to you, first link on google, literally.
Root: What can you do?
Found it?
Well… maybe you should enroll into the race
Edit: someone was actually trying to fill all the X’s, that’s some dedication, flooded all the directory haha
Is there another way to get root without “bruteforce racing”? Maybe there is a technique to slow the process down or even setting a breakpoint or smth?
For initial foothold, some ppl here are throwing others into rabbit holes by saying you should read and google about the ambiguous words, while it is completely unnecessary.
Just check the comment and directly access the referenced files.
Are we supposed to get root before we get user in this box? I got to root after the initial shell directly. And then I just did cat user.txt from root shell to get user.
Is this the right way to do this box? I just started doing these challenges in HTB and I have not come across anything like this before.
Are we supposed to get root before we get user in this box?
No.
I got to root after the initial shell directly. And then I just did cat user.txt from root shell to get user.
Is this the right way to do this box?
No.
I just started doing these challenges in HTB and I have not come across anything like this before.
It’s likely someone had recently compromised the box and failed to clean up after themselves. You shouldn’t be able to get root directly from a shell which can’t read the user flag.
This is weird. I reset the box and tried again. After getting shell as the first user (which cannot read user.txt), I can start the race to root directly from there.
Fascinating. I didn’t think that account had the rights to run the script.
Hi guys, just started on this but stuck… I can see the WordPress blog but when I click on any link it says server not found error. I can see one user name as ‘neil’ in recent comments section but when I click on name it says error.
@bkcipher said:
Hi guys, just started on this but stuck… I can see the WordPress blog but when I click on any link it says server not found error. I can see one user name as ‘neil’ in recent comments section but when I click on name it says error.
Also the IP address changes to tenet.htb every time I click something but server error
Have you updated your hosts file?
Funny thing just came to update the same here… and saw your comment
Took some googling around. Thank you