Postman

hakku33 · November 26, 2019, 6:56am

Type your comment> @clubby789 said:

5 minutes to go, everyone ready?

@clubby789 said:
5 minutes to go, everyone ready?

i have got a user shell, i am trying a lot to find a user flag but i cant what should i focus on … if anyone can help me pls help me

hakku33 · November 26, 2019, 6:58am

@clubby789 said:
Low privelige shell got, let’s see what’s next…

Blackdog007 · November 26, 2019, 9:42am

can someone help me i got stuck in r****-**i

hakku33 · November 26, 2019, 10:52am

Type your comment> @noi said:

Just got root!

If need help you can ask on pm!

help me… i have got a i***.b** file what should i do now

terty · November 26, 2019, 12:17pm

rooted, nice machine!

Pm for help

ax3de0s · November 26, 2019, 1:17pm

Hey.
This is my first box on hackthebox.
I’ve been trying to get through it for a long time. My efforts led me to a standstill.
I find r**** port. Started looking for exploits. M***t found 4 exploits, only one worked. He returned the info. On the Internet, I found an exploit for the r**** r**** s. When starting, an error occurs - an unknown Module.
He began to search further. Found a shell script. It should load the ssh key. Not working in my case. I get an error - the password is incorrect. I need help, help whoever can.

skolarii · November 26, 2019, 4:26pm

I am new to Rs and am struggling to get the uname and pwd for the W** enumeration. Some help would be appreciated.

menessim · November 26, 2019, 8:57pm

Rooted.
PM with where you are stuck for hints.

paidtheprice · November 27, 2019, 2:03am

i just got in via r**** but now i cant reconnect? was able to get the i*.rb and then get its passphrase, but then when that works i get “Connection closed by 10.10.10.160 port 22”

blink3r · November 27, 2019, 2:31am

Rooted.
Nice box.
User → study how redis user is located in the box
Root → simple exploit
Nice box!

menessim · November 27, 2019, 7:58am

@paidtheprice said:
i just got in via r**** but now i cant reconnect? was able to get the i.rb* and then get its passphrase, but then when that works i get “Connection closed by 10.10.10.160 port 22”

The passphrase might work somewhere else.

J0s3 · November 27, 2019, 12:07pm

Good morning guys, it has happened to you that when you are using redis and you want to get into a directory, you are told that you do not have permits if someone is so kind as to help me out

r3dr3b3l11 · November 27, 2019, 2:21pm

please stop dumping your keys on the system! if you run a command that pipes input into the r****-***, note that it is coming from your machine, not the remote machine!

RagsFTW · November 27, 2019, 5:51pm

Is anyone else having issues with j**n running really slow? This system will be retired by the time it is done…

Zigo · November 27, 2019, 10:07pm

I’ve got a low-priv shell as r**** but the box is unusable… Connexion keeps dropping every minute, I have time for a couple of commands and that’s it, my shell is gone… Very frustrating…

xVoid · November 28, 2019, 1:22am

Rooted

r3dr3b3l11 · November 28, 2019, 2:46am

Yeah I’m still stuck at the r****-*** to get a user shell. Any nudges appreciated!

ls4cfk · November 28, 2019, 10:38am

Edited:
nvm, got it…

Can’t connect via ssh with credentials

Enter passphrase for key ‘id_rsa.bak’:
Connection closed by 10.10.10.160 port 22

Kamperr · November 28, 2019, 10:45am

Stuck at the initial shell. As of now I have:

Read and re-re-read the forum posts
Read r*** configurations and documentation
Insert my id to a certain location with r***-***
Use a ready made exploit with m***
Use a script from G***.

I know (think) that I should modify a script a bit or get in manually, but something is missing. Any nudges for the initial shell are most welcome!

Edit: Moving forwards, thanks to @p1kabyte +1

CRYP70 · November 28, 2019, 2:17pm

More Holes Than Cheese I thought…think simple with root