Type your comment> @D4nch3n said:
Do we need to get an IPv6 address somehow?
yup.
Got the IPV6 address, no idea where to go now
Stuck at r***c modules.
Could somebody give me hints about next step?
Tnx in advance.
EDIT: Got user, tnx. Working on root.
Type your comment> @Boxito said:
Stuck at r***c modules.
Could somebody give me hints about next step?
Tnx in advance.
If you’ve got the list of modules, there’s some hidden ones. Think about what folders are interesting on most linux systems.
Got user thanks to @v1p3r0u5, now onto root
Type your comment> @clubby789 said:
Got user thanks to @v1p3r0u5, now onto root
While there are many interesting items in the hidden module, I am not seeing any that lead to another hidden module (or user?), unless brute-forcing or spraying is part of solution (which typically is not on HTB)… Perhaps I am overlooking something?
@ue4dai said:
While there are many interesting items in the hidden module, I am not seeing any that lead to another hidden module (or user?), unless brute-forcing or spraying is part of solution (which typically is not on HTB)… Perhaps I am overlooking something?
Upload access requires a custom script (or rewriting another) to brute force with ro****u.txt
Do I have to watch “The IT Crowd” in order to make sense of what’s going on?
i heard you're a big deal around here.
don't make me laugh
i'm just not into that circle-jerking ■■■■
got better things to do than that fat waste of time
making your boxes mine with exploits and rhymes
my machine is a weapon
patched drivers;
wi-fi packet injection
race condition
xchg rax, rsp
pivot to ascension
your skills ain't even worth a mention
shut up and listen; now class is in session
you don't know how to hack.
see me in detention
Just to keep this on topic I thought I’d say that I’m really enjoying this challenge so far. Thanks @jkr.
Nice poetry :lol:
Type your comment> @limbernie said:
Do I have to watch “The IT Crowd” in order to make sense of what’s going on?
You don’t have to, but you should. It’s big fun ?
got root niice
Could anyone hint me in the right direction for the initial step(s) please? I’ve found the (useless and random?) ftp but nothing else really. Couldn’t enumerate more than that
@rowra said:
Could anyone hint me in the right direction for the initial step(s) please? I’ve found the (useless and random?) ftp but nothing else really. Couldn’t enumerate more than that
FTP is definitely not useless. Read the specific technologies mentioned on the homepage, and remember, incomplete is often exploitable.
No idea where to go after user, seen a couple of g** r***s, but can’t find anything interesting in there.
Is it just me, or did the user password change since yesterday? (Have tried both eu and us, and reset machine on each.)
@ue4dai said:
Is it just me, or did the user password change since yesterday? (Have tried both eu and us, and reset machine on each.)
The address changes, but the password used to get into r**** seems to be the same
Type your comment> @clubby789 said:
@ue4dai said:
Is it just me, or did the user password change since yesterday? (Have tried both eu and us, and reset machine on each.)
The address changes, but the password used to get into r**** seems to be the same
Ok. Weird. I must have done something different yesterday. I thought I had used those creds via a different protocol. Also, I managed to introduce a typo (pluralized it!) in my notes. Sorry for the confusion… Long week so far…
Done. What a fun box. If you get stuck on root like I was… Just remember that on this box you get hints all the way. Keep it simple, just look around and use what you get.
I think I’m close to root, figuring out s**i syntax