Rooted. I have too many people to thank for the little nudges here and there. This is a really great box for freshening up on some basic skills you may have forgotten to use. User was a much longer path than root, but def worth the experience.
I am having problems with openadmin (i am a noob). So can anyone give me any hints? I have got ssh on j***y, but do not know how to go forward from here. Thanks in advance.
Hint for people stuck with sshing user 2.
Once you’ve asked your friend and gotten a password, you still aren’t ready to log in to user2 yet. That password is for something you already have.
Hope this helps, this is where I was stuck for a while too.
Finally rooted my first box!
It took a lot of research and making mistakes along the way.
Feel free to send any PM
Thanks a lot to @Rubytox for the help!
Got user and then 12 min later I got root. DM me for nudges
That was a fun box.
Just finished, took about 6 hours all together.
Fun box learned a thing or two about enumerating and nano.
User 1: This is just a basic shell, find all the dir’s of a website. Find exploit
User 2: Enumerate, grep is a friend. There are many ways to say password
User 3: who knows what’s running internally find out, and curl.
John might have a hard time reading what you find if you don’t convert it
Root: sudo -l is your friend :^r
Message me if you need any hints
(Post Removed)
Looking for some help, if anyone can PM me.
Found exploit to get in with limited shell usage;
Found some creds in d*******_s*******.i**.p** not sure what to do with them…
Found names of users, and found s*****, m****, m**** and a******
I’m new to this, this is my first box other than Lame and I’m not sure what I should be looking for.
i got user2 ssh passphrase for private key using john but during ssh got libcrypto error what should i do now?
i got j***** password, but when i want to login with ssh,
there’s error said :
Permissions 0644 for ‘id_rsa’ are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Load key “id_rsa”: bad permissions
any solution ?
Updata : Now the error has gone, but failed when login
Finally got rooted
thanks to @Crni to try help me with my problem, and thanks to @01ph0rie for the suggestion
Hello all this is my first box and I could really use some help if anyone minds. I’ve found where I need to be to gain an initial foothold (I’m not bad at enumeration) but I know I’m setting up metasploit incorrectly. Would anyone mind sending me a DM, I’ll tell you what I did, and you can maybe tell me how I’m doing it wrong? Thanks!!
Looking for mentorship!
New to htb, and been working on this box for a couple days now. I am stuck on what to with the id_rsa key that I found with user ji***… Thanks
Where search for Ji**s password for sh?
i am stuck. got shell and user/pass but dont know what to do next?
lat move to 2nd user
Is anyone currently available to give a little hint via dm please
pm me if you need a nudge