JOIN BREACHFORUMS NEW TELEGRAM
Underpass - Linux - Easy
by StingEm - Saturday December 21, 2024 at 03:32 PM
Cyber Leaks
DWC
Posts: 216
Threads: 42
Joined: Nov 2024
Reputation: 257

GOD
#11
Dec 21, 2024, 08:44 PM
(Dec 21, 2024, 08:28 PM)0xdaniii Wrote:
(Dec 21, 2024, 08:10 PM)StingEm Wrote:
(Dec 21, 2024, 08:08 PM)maggi Wrote: http://underpass.htb/daloradius/app/oper...e-main.php

daloradius/app/operators/home-main.php

administrator:radius

Yes and from config db creds:

steve:testing123

-------------------FOUND----------
on http://10.129.52.94/daloradius/app/opera...st-all.php

svcMosh hash, crack it and ssh in for User.txt


Hash Crack = underwaterfriends
how you found hash?

hash is here
http://10.10.xx.xx/daloradius/app/operat...st-all.php
Hack the Box Season 8

https://t.me/+u1sCX38Xneo3OGM1
Website
Reply
GOD User
God
Posts: 75
Threads: 5
Joined: Sep 2024
Reputation: 62

GOD
#12
Dec 21, 2024, 08:45 PM
Finish to Root at:

https://breachforums.rs/Thread-Underpass...#pid983250

-----
That was fun and its all here to follow - so don't let someone take your credits. You all got this! Cool
Reply
Breached
Member
Posts: 39
Threads: 2
Joined: Oct 2024
Reputation: 0
#13
Dec 21, 2024, 08:59 PM
(Dec 21, 2024, 08:44 PM)LostGem Wrote:
(Dec 21, 2024, 08:28 PM)0xdaniii Wrote:
(Dec 21, 2024, 08:10 PM)StingEm Wrote:
(Dec 21, 2024, 08:08 PM)maggi Wrote: http://underpass.htb/daloradius/app/oper...e-main.php

daloradius/app/operators/home-main.php

administrator:radius

Yes and from config db creds:

steve:testing123

-------------------FOUND----------
on http://10.129.52.94/daloradius/app/opera...st-all.php

svcMosh hash, crack it and ssh in for User.txt


Hash Crack = underwaterfriends
how you found hash?

hash is here
http://10.10.xx.xx/daloradius/app/operat...st-all.php



yeah i got it thanks buddy
Reply
Banned

Posts: 25
Threads: 0
Joined: Dec 2023
Reputation: 0
#14
Dec 21, 2024, 11:37 PM
i had a hard time for this machine so yeah thankss

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Leeching | http://c66go4clkqodr7tdjfu76jztjs7w7d3fajdeypxn73v4ju3dt7g5yyyd.onion/Forum-Ban-Appeals if you feel this is incorrect.
Reply
Banned

Posts: 69
Threads: 0
Joined: Aug 2024
Reputation: 2
#15
Dec 22, 2024, 01:41 AM (This post was last modified: Dec 22, 2024, 01:41 AM by hackemall.)
Hidden Content
You must register or login to view this content.
root id_rsa only

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Leeching | http://c66go4clkqodr7tdjfu76jztjs7w7d3fajdeypxn73v4ju3dt7g5yyyd.onion/Forum-Ban-Appeals if you feel this is incorrect.
Reply
Banned

Posts: 23
Threads: 0
Joined: Dec 2024
Reputation: 0
#16
Dec 22, 2024, 12:29 PM
UDP Nmap scan > snmpwalk > feroxbuster with the directory found from one of the strings > default creds on login page > Find hash in daloradius/app/operators/mng-list-all.php > Crack hash and SSH in > sudo /usr/bin/mosh-server > Read the manual page for mosh-server > MOSH_KEY=XXXXXXX mosh-client 127.0.0.1 6000X > Root.
Just a few simple steps, can finish this box quickly

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Leeching | http://c66go4clkqodr7tdjfu76jztjs7w7d3fajdeypxn73v4ju3dt7g5yyyd.onion/Forum-Ban-Appeals if you feel this is incorrect.
Reply
Breached
Member
Posts: 28
Threads: 0
Joined: Oct 2024
Reputation: 0
#17
Dec 23, 2024, 02:20 AM
Yeah, this is really a simple easy box if you look carefully into the information revealed by snmp tool.
Reply
Breached
Member
Posts: 19
Threads: 1
Joined: Jun 2024
Reputation: 0
#18
Dec 24, 2024, 04:30 PM
awesome. works like a charm.
mosh --server="sudo /usr/bin/mosh-server" localhost

From docs
https://linux.die.net/man/1/mosh

Its also possible to connect as Ritualist says
Reply
Breached
Member
Posts: 13
Threads: 0
Joined: Dec 2024
Reputation: 0
#19
Dec 25, 2024, 09:43 AM
I want to study the blogger's articles carefully
Reply
Banned

Posts: 54
Threads: 0
Joined: Dec 2024
Reputation: 0
#20
Dec 26, 2024, 02:52 PM
fun ways to learn new things keep it up guys

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Leeching | http://c66go4clkqodr7tdjfu76jztjs7w7d3fajdeypxn73v4ju3dt7g5yyyd.onion/Forum-Ban-Appeals if you feel this is incorrect.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
Heart [FREE] HackTheBox All Cheatsheets Tamarisk 29 1,785 2 hours ago
Last Post: mus1c0
  [MEGALEAK] HackTheBox ProLabs, Fortress, Endgame - Alchemy, 250 Flags, leak htb-bot htb-bot 105 10,061 2 hours ago
Last Post: mus1c0
  [FREE] HackTheBox Academy - CBBH CDSA CPTS All Modules Flags Techtom 52 4,407 5 hours ago
Last Post: 0xdarkdharma
  [FREE] 300+ Writeups PDF HackTheBox/HTB premium retired Tamarisk 395 98,858 5 hours ago
Last Post: 0xdarkdharma
  [FREE] CPTS 12 FLAGS pulsebreaker 96 4,544 7 hours ago
Last Post: pokehim

Forum Jump:


 Users browsing this forum: 1 Guest(s)