Guys there's no need to access the database. the user name can be found if you change the directory to /home or you can simply type cat /etc/passwd. then you can connet with the ssh command with the password of that file

@Ar-yw7fh

20 күн бұрын

Ohhh alright!! Thanks bro!

@pranavmuralidharan762

8 күн бұрын

Uh how? You only have read permission for /etc/passwd file for www-data user and you don't even have permission to read /etc/shadow . So how can we extract the passwd file from /etc/passwd for root user!?

@KT11293

19 сағат бұрын

@@pranavmuralidharan762 I think he's talking about finding the "larissa" username in /etc/passwd, which was the first time I saw it too. That plus the password you get for the MySQL database can both be used to ssh into the target for the user flag.

I Hate My Self So much! BOARD.HTB WAS RIGHT DOWN THERE. This whole time I was trying to enumerate vhosts

@Ar-yw7fh

20 күн бұрын

:(

I have been trying to connect to the MySQL server using the password from the config file, but I can't seem to connect to it because its taking too long.Also, usually we are not able to see the password we enter for security reasons right? but I can see the plaintext password when I type it. What should I do?

@Abra403

25 күн бұрын

Same here

@eaness

25 күн бұрын

go for su larissa then give the password you found. dont wait for response just type pwd and go ahead.

@eaness

25 күн бұрын

go for su larissa and enter the password you got. and you just got in, dont wait for any response (type pwd).

@ledudequiventleshamwow7518

25 күн бұрын

Same here

@JewishHacker

23 күн бұрын

The issue is you need to create an interactive shell after using the dolibarr exploit, once you get a shell with your listener run this command python3 -c 'import pty;pty.spawn("/bin/bash")' and it should create an interactive shell, fixed my issue.

Nice work work , is there any way you can share your notes with me?

your notes are great, can you share it?🙇

@R3dLB

5 күн бұрын

Thanks bro, i am still working on them. In the next future i will share it in github🫡

Would you share your joplin notebook with the cheatsheets?

what is the test editor you using for notebooks

@R3dLB

7 сағат бұрын

Joplin

@srikanth4326

6 сағат бұрын

@@R3dLB thank you 👍

i will suggest next time add voice also if u can watching it silently is tough just speak the step u are doing . subscribed you !

@R3dLB

27 күн бұрын

I had a problem with the microphone this time. Next time will be better for sure. Thanks for the advice!

play more ctfs bro you got a sub

hey nice job, can you share that joplin notes?

@R3dLB

26 күн бұрын

I will prepare a Github repo in the next future

mine is not opening up, i tired adding it to host file too, used pwnbox also but this IP 10.10.11.11 is not opening in my device, even though machine is enabled and connected can you suggest me solution

@skdutta7185

27 күн бұрын

make sure you are connected to their openvpn first

@R3dLB

27 күн бұрын

Yes, check if you are connected to their competitive VPN. Another thing you can try is to delete and download again the vpn file, sometimes you have to do it.

what is the pass for DB??

@Ar-yw7fh

20 күн бұрын

You can find it in the /conf file right?

@Ar-yw7fh

20 күн бұрын

When you view the contents of the /config file using cat /config and then you will find the username as well as the password to connect to the MySQL server

hello This is kai from india is there a time to talk with me

I don’t understand why you posted a live machine video. Also, those who saw this video and solved the box. I must say, you guys can't become a good pentester or htb platform is not for you.

@sawaxyhodoo7198

24 күн бұрын

I don't understand why indian people are still living

@KT11293

18 сағат бұрын

Some people get stuck half way through the box and are just looking for the next step. It's a lot smarter to look up a detail you missed and take it as a learning experience than spend hours or days trying to blindly figure it out on your own.