Postman

Am beginner of HTB. I tried R**** exploit. Reverse, interactive shell and R****-CLI not connecting.
What should i do help me.? Which website’s document is correct for R**** exploit…

I exploited re*** and find backup user . Who can tell me what is next step ?

i got the i*_r**.b** file but i dont get any results using the common way for processing and cracking this type of file. is there anything i am missing?

uid=0(root) gid=0(root) groups=0(root)
Very Easy box. PM me for nudges

I found that the box is acting different not then it did a week ago… a week ago once I got the user password I could ssh in… not it just closes the shell (maybe someone changed it wit their attempts)… with no shell being the proper config (via a reset), then I just used an alternate path with the user creds to get access to a service on the system… once in, then typical CVE to gain root. good box… Thanks! I’ve also found that not using the defaults for ports etc on reverse shells helps a lot prevents you from colliding with other users at the same time

Spoiler Removed

Rooted. PM for nudges.

Got the low priv shell by understanding how the exploit works and doing it manually.

For ppl who can’t get initial foothold. Some times user directory is not under the normal directory. Only thing you need is to find the right directory then follow the exploit process.

Request to DM someone to discuss next stages after access with m****** account.

I tried a exploit available in Github and got a interactive shell, but it’s not working. I am unable to execute any comand, HInt will be helpful.

Spoiler Removed

Rooted. Initial foothold shell interesting… root easy.

Can anybody help me with root?
Thanks!

Man… day3 for the initial… tried with msf, manual, wrote a script, read the documentation but no success. With the cli I get permission denied trying to access the .folders or save config. msf exploit runs bu does not create a session… Please pm if you have some hints.

Hey guys. I managed to get user M*** and his pw: c**********8… but trying to ssh with those credentials says permission denied… any help?

i am root <3 got credentials but used them on another service. Should have read the hints a bit more carefully. That was fun

I think I was lucky, as I got root before I got user. This left me with the feeling, that I did not learn the essential part of this box.

Edit: Rooted, the ans is 4.

Spent a Boxing Day with I*_.k, asked J for the word which I supposed to use it to open the door.
With the loot and the word, I can open the door.
But now I was told M
* is not welcome to join the party.
So, I should…

  1. Change the Not-welcome list? But I don’t have a pen in my pocket.
  2. Forget about M*** and find a backdoor or window to get in?
  3. Play with I*_***.**k longer?

Type your comment> @angar said:

GitHub > msf
slave is not the way

if it is slaved and you cant write, try
slaveof no one

awesome hint! thnx :slight_smile:

Have completed, however curious as to how people got low-privilege shell before root shell :smiley:

PM me please if managed that.

Also if anyone avoided m**, and used own payload/code, would be curious