Not getting any data from the www-data exploit’s curl (I have disabled the silent option and all 0), also getting ‘connection timed out’ from sshes of both j*** and J***… Servers are down?
Most people are in a different user account before the curl bit works. Given what you’ve put here, it’s not clear where the problem might be and it looks like you’ve combined two different stages.
Generally speaking:
Initial Foothold - User 1: Enumerate, find info, use info
User 1 - User 2: Enumerate, find info, get the info from the server.
User 2 - Root: Enumerate, escape, rootshell.
If you are trying to do User 1 to User 2 from the initial foothold, it might not work.
@TazWake I’m just trying to connect to the machine… I’m currently on user2->root but any type of connection to 10.10.10.171 doesn’t work. I had already reset the box and status checked several times.
Hey, im a very begginer and I’m stuck on user2, i already got j*****y but can’t understand the next procedure, a PM would be appreciated as I know what should I do next (thanks to this thread) but don’t quite get why that specific port is the special one and why next command returns what it does.
I could not find anything related to this use of the command to read so If anyone could give me some information would be very appreciated. Thanks!
Hey, im a very begginer and I’m stuck on user2, i already got j*****y but can’t understand the next procedure, a PM would be appreciated as I know what should I do next (thanks to this thread) but don’t quite get why that specific port is the special one and why next command returns what it does.
If you can implement the procedure, and it has been hinted at a lot over the past 27 pages here, you are given some objects that are useful.
You can Google them to find out how they are used.
The specific port isn’t special, it is one chosen by the person configuring the service. The command returns what it does because that is how someone has set up the object you are looking at.
It is a touch unrealistic but think of it as a configuration mistake. It is a CTF version of an admin trying to set something up to make their life easier and you, as the [pentester|attacker] have found a way to subvert it to your own ends.
Rooted. Really great box that focuses on the basics.
Foothold/User 1/User 2: Nothing to add. Plenty of useful tips in this forum.
Root:
Calling back home can certainly be useful at times, but is it really always necessary?
Your favourite command won’t work as expected. Don’t think like a hacker, think like a (poorly trained) admin. What can you do to make this particular command more secure? Answering this question will take you to a place that has all the answers you’re looking for.
Stuck after the first user. Is it intentional that after “sudo -l” I’m being asked for password of current user instead of getting list of things that I can use to get root?
Stuck after the first user. Is it intentional that after “sudo -l” I’m being asked for password of current user instead of getting list of things that I can use to get root?
Hey, im a very begginer and I’m stuck on user2, i already got j*****y but can’t understand the next procedure, a PM would be appreciated as I know what should I do next (thanks to this thread) but don’t quite get why that specific port is the special one and why next command returns what it does.
If you can implement the procedure, and it has been hinted at a lot over the past 27 pages here, you are given some objects that are useful.
You can Google them to find out how they are used.
The specific port isn’t special, it is one chosen by the person configuring the service. The command returns what it does because that is how someone has set up the object you are looking at.
It is a touch unrealistic but think of it as a configuration mistake. It is a CTF version of an admin trying to set something up to make their life easier and you, as the [pentester|attacker] have found a way to subvert it to your own ends.
Thank you, did not notice it was object related, ill focus there and google something, that was helpful!
Yep, as @CuriousJ said, you need to get into the other account first. The user account you are in cant run that command AFAIK (you should have the password for that account).
Have not done an active box in over a year (Life,Work, and Cybersecurity keep me busy). First one i’ve done now that im back on HTB, took like an hour + some change. Great box, no crazy rabbit holes. Thanks to the creator! I’ll be recommending this one to my juniors