@Supremacy said:
I have a problem doing the ssh-add I keep getting “Error loading key “/root/.ssh/id_rsa”: invalid format”. Can someone help plz what am I doing wrong…
Why are you doing ssh-add?
@lucaswebb24 said:
the authorized keys is still the fucking same, but it still asks for a password for web***** when i put the private key in, what the actual ■■■■
Did you write to web*****'s authorised keys? Are you trying to ssh in as web*****?
Type your comment> @TazWake said:
@Psyfer said:
Need a nudge pls…Found the backdoor, S***k, but need username and password. Google’d author, tried all know aliases as user and password + combinations of certain txt that stand OUT in source…still no luck entering the backdoor…
If you found the shell, read the source code on the github and it has the password in it.
Thanks bro! My Duh moment of the day…
Type your comment> @lucaswebb24 said:
the authorized keys is still the fucking same, but it still asks for a password for web***** when i put the private key in, what the actual ■■■■
Let the privte keys in ur PC
And copy the public key into the machine
Then ssh the user
I used the la script to add my public key to the s**adin user. That appears to have worked but I still can’t ssh over as the sadin user. I also tried as the w***n. No joy on either. I’ve tried it so many times it’s not some one changing the authorised keys.
@Supremacy said:
I used the la script to add my public key to the s**adin user. That appears to have worked but I still can’t ssh over as the sadin user. I also tried as the w***n. No joy on either. I’ve tried it so many times it’s not some one changing the authorised keys.
If you can’t ssh in as the user, after adding your public key, using the private key, then it didn’t work - even if it appears it did.
If you’ve added it to S****** then logging in as W****** will never work.
Check the public key you are adding is an exact match for what it needs to be. When you ssh in, make sure you are using the correct user and the private key.
I’ve just got in with SSH. It was a problem to to with the unknown programing language and not realising I needed a couple of \n
I have found the backdoor and the creds but the backdoor continue loading forever with no response
what’s the problem please can anyone help???
Any help going from user1 to user2? tried to run s*** -u (user2) /home/(user2)/lu**t but nothing.
stuck with this.
user.txt flag changed? LOL incorrect flag ■■■■
@malwarepeter said:
user.txt flag changed? LOL incorrect flag ■■■■
It’s a dynamic flag, it changes on every reboot and between servers.
@Hyst3resis said:
Any help going from user1 to user2? tried to run s*** -u (user2) /home/(user2)/lu**t but nothing.
stuck with this.
Depends what you mean by nothing? Nothing happens? That seems odd and implies a broken box.
Type your comment> @TazWake said:
@malwarepeter said:
user.txt flag changed? LOL incorrect flag ■■■■
It’s a dynamic flag, it changes on every reboot and between servers.
this one is too much… everytime i try still i get incorrect hash
@malwarepeter said:
this one is too much… everytime i try still i get incorrect hash
Only thing I can suggest, if you aren’t on VIP, is get the hash and submit it as quickly as possible. A reset takes two minutes so you have some time. Watch the shoutbox to observe resets.
im pretty new to hackthebox still, i was able to get user but now stuck on root. im watching the proceesses but not sure what to do next. Please help if possible, thanks
Type your comment> @TazWake said:
Depends what you mean by nothing? Nothing happens? That seems odd and implies a broken box.
sorry about this. newb mistake im executing the command on s*k console.
im on smin now. all working. mbmb
First time on hackthebox. Got user, and think I know what to do for root but seems like as im setting things up, the system constantly resets. Every 5mins or so. Is this normal for hackthebox? Very frustrating!!!
If you’re still on the initial foothold and you’re trying to get a better shell (maybe you want to connect via ssh?) remember that copy and paste is the devil! Find a better way to get “precisely” what you want from your machine to the host you’re attacking. Also, please append to files and don’t overwrite them 
Rooted. I learned something new. Thanks @Xh4H
If you stuck, don’t hesitate to PM me 