Official Tenet Discussion

I am having an issue with the s** for root. I have done what i needed to i think and when I attempt it, it wont let me in. I have done it multiple times but wont work. anyone around to help?

the privesc was fun, I struggled with getting a foothold for 2 days and lots of google, user and privesc was easy. I have got to work on footholds… other than just trying harder on more vms, anyone got some reading material on getting initial footholds in general?

Type your comment> @devilray said:

I am having an issue with the s** for root. I have done what i needed to i think and when I attempt it, it wont let me in. I have done it multiple times but wont work. anyone around to help?

what user were you logged into on attacking machine when setting up? also do a proof of concept with a test file just to make sure it will find the thing

Wonderful box,thanks @egotisticalSW . Initial foothold process was a very good learning experience for me. Enjoyed it a lot.
If anyone needs hint can pm me.

Type your comment> @qazwer said:

Type your comment> @devilray said:

I am having an issue with the s** for root. I have done what i needed to i think and when I attempt it, it wont let me in. I have done it multiple times but wont work. anyone around to help?

what user were you logged into on attacking machine when setting up? also do a proof of concept with a test file just to make sure it will find the thing

I was able to get root yesterday. I had to change up my script a bit and run it differently in order for it to take. Thank you though.

If anyone is willing to take a look at my code for foothold please DM, I’m real stuck.

a STUPID machine with STUPID foothold, STUPID user, and a SUPER STUPID root!!!

I managed to get a file as mentioned in the comment, but not sure what to do with it… any pointers?

@rancilio said:

I managed to get a file as mentioned in the comment, but not sure what to do with it… any pointers?

Read the file and see if it hints at a way you can attack the box. There is a phrase in it which should give you a very big clue.

Type your comment> @TazWake said:

@rancilio said:

I managed to get a file as mentioned in the comment, but not sure what to do with it… any pointers?

Read the file and see if it hints at a way you can attack the box. There is a phrase in it which should give you a very big clue.

Thanks!

Rooted, but not without A LOT of help…one of my first medium boxes.

Foothold: something completely new for me. Enumerate and you’ll find a useful file, analyse that and see how you can use that to get in, google or watch youtube videos for that kind of exploit.

User: Straight forward enumeration, nothing complicated.

Root: See what you can do and see what that does. Work out how to take advantage of that.

DM for help but I did get a lot of help myself so I might not be entirely useful for this machine.

Type your comment> @UVision said:

Hi, I’m stuck on foothold : I found sa***.tenet.htb domain, with his s*****.php file, but I can’t see what can I do with that things , any hints ?

Edit : rooted

I liked this box because it required you do some work rather than firing off someone else’s exploit.

If you know how to escalate to root but are still struggling, I suggest you look at using inotify hooks (for the C language). It will take a bit of time to write the code, but your exploit will be more reliable.

Rooted!
Ironically I spent most the time searching for taht ■■■■ file anyone talks about.
I did not quite understand why that file can be found only in that way. I serched all over the conf files, but I did not arrive to a solution.

Can someone explain me why via PM? Thanks!

Rooted!

Overall easy box. It was fun. Hints are already present in this forum.

Feel free to PM for help.

rooted. any help dm as usual :slight_smile:

Really enjoyed this one - big fan of the film and the soundtrack is one of my favorites to hack away to!

My particular IT background was a big part of this box so although everyone seems to have rated it a medium, the steps to find the way to the foothold were probably the bit that I took the longest on, and exploiting the foothold, getting user and then root were actually relatively straight forward from my experience working with these things.

I’m looking forward to reading all the different variations people came up with for priv esc to root! :slight_smile:

Rooted. At first I thought that script would be fast and hard to ra** but actually its not. Just writing some loop thing is going to work.

nudge me for a hint.
Focus on n***'s comment

I’ve read through all the posts here but I look to have found the foot hold a different way :-/

Regardless, this was a great box and learnt a bit with gaining root. My first box outside of the “Easy” ones :slight_smile: