Traverxec

HTB Content Machines
, , , ,
123

Got user now too.

Go going for root… but didn’t found anything yet. Can someone PM me a nudge?

124

rooted

PM for nuggets

Hack The Box

125

Initial: Fastest foothold I’ve ever got. 2 steps to get an easy shell.
User: Read files carefully, ignore rabbit holes and RTFM.
Root: You should spot the method fast, try it locally to understand how to make it work.

126

Spoiler Removed

127

Finally.
Foothold: DDoS? Really? Check the description before run something!
User: check that same place where you’ve found those creds. Make yourself familiar with capabilities of the service and ask yourself what permissions should you have to view that content.
Root: was mindblowing for me. It’s right in front of your eyes once you logged in, but you just cannot violate args. Fortunately, there is a way to substitute one thing with another and use the same command to get a shell

128

I’m a bit stuck… I’ve found the place mentioned in the interesting file, just can’t find anything further, not sure what to do with the creds…

129

Type your comment> @benhulatt said:

I’m a bit stuck… I’ve found the place mentioned in the interesting file, just can’t find anything further, not sure what to do with the creds…

if you cannot see something it doesn’t mean it not exist

130

Rooted.

Feel free to PM. :slight_smile:

131

Type your comment> @olsv said:

Type your comment> @benhulatt said:

I’m a bit stuck… I’ve found the place mentioned in the interesting file, just can’t find anything further, not sure what to do with the creds…

if you cannot see something it doesn’t mean it not exist

took a moment to understand what you mean, figured it out now, thank you for the tip!

132

Finally got user thanks to @D3Fix and @olsv . As always something stupid i missed, also found cheetsheet and read it and found another way to get there. funny

133

got root, it was fun.

134

rooted!

Much thanks to @rholas and @idomino when I was stuck at user.

135

Cool box. It was nice and straight forward from start to finish. Perfect way to spend an hour on a lazy sunday. :slight_smile:

136

For people struggling with root. remember its not always a good idea to maximize ur screen :wink:

137

Got a low priv shell, could someone help me with user?

138

btw box goes down likely due to people running the wrong CVE since there’s one for dos

139

Spoiler Removed

140

hint for user:
enumerate… enumerate… enumerate…
don’t brute-force ssh…
for root:
GTFOBins is your friend…
PM me if you need help
YaSsInE

141

Spoiler Removed

142

Rooted.

Thanks @jkr for the fun box!

Feel free to PM if you need hints.