TUTORIAL Attended User how to
by lingling40hrs - January 20, 2021 at 11:32 PM
#1
Disclaimer: beginers probably cannot do this even with the below walkthrough. Cause this is a summerized solution for who are close but not there yet.
Hidden Content
You must register or login to view this content.
Reply
#2
The root is pwn, so probably I won't do it cause I don't like pwn that much. If i do tho i will share it.
Reply
#3
(January 21, 2021 at 12:45 PM)lingling40hrs Wrote: The root is pwn, so probably I won't do it cause I don't like pwn that much. If i do tho i will share it.

can you upload the pwn binary?
i would like to look at it
Reply
#4
that's an interesting idea. let me do that.
Reply
#5
in the configuration file there are spaces every line, is this correct or is it an error? I ask because it doesn't work for me
Reply
#6
yeah it's correct just see any ssh config file in the web. https://linuxize.com/post/using-the-ssh-...le-example

As I said in the post you need to know a little bit about things to make this work. But yes it works.

(January 21, 2021 at 01:24 PM)randomname83 Wrote:
(January 21, 2021 at 12:45 PM)lingling40hrs Wrote: The root is pwn, so probably I won't do it cause I don't like pwn that much. If i do tho i will share it.

can you upload the pwn binary?
i would like to look at it

hey here is the file: https://anonfiles.com/R0zbn6B0p6/authkeys

md5 e30566911efa72a62210e0079ab5df95  authkeys

to verify

For ppl wanting to get the root binary that is above and this is some extra information:
i have uploaded the binary and posted in the thread :-)

[ ] enable authkeys command for sshd
[x] remove source code
[ ] use nobody
on attendedgw:
[x] enable authkeys command for sshd
[x] remove source code
[ ] use nobody


this is a note.txt ^


and this is /etc/hosts
192.168.23.2 attended.attended.htb attended

192.168.23.1 attendedgw.attended.htb attendedgw
Reply
#7
[Image: Cn9yiuh.png]

lol this is the attended user graph. You ppl are really at it eh? :rofl:
Reply
#8
(January 22, 2021 at 09:36 AM)lingling40hrs Wrote: [Image: Cn9yiuh.png]

lol this is the attended user graph. You ppl are really at it eh? :rofl:

Don't you saw the rope2 root graph?
Reply
#9
No i didn't know about rf then. :rofl:
Reply
#10
So, ppl who are struggling to get the mail from guly.

the mail is coming to freshness so make a new user in ur attackbox. then open the file /var/mail/freshness.

Like you can either make a new user or create a mail alias. But i did the former one, I did sudo adduser freshness and the mail started to come to /var/mail/freshness.

I understood that it is indeed coming to freshness by watching the logs at /var/log/mail.log and got the idea of creating an user.
Reply
#11
Bumping this up as this needs to get rooted lol
Reply
#12
(January 24, 2021 at 05:01 PM)lingling40hrs Wrote: Bumping this up as this needs to get rooted lol


no one rooted it yet :(


Bumpppppppppppppppppppppppppppppppppppp
Reply

Possibly Related Threads…
Thread Author Replies Views Last Post
TUTORIAL ATTENDED [DISCUSSION] 0xvijay 55 14,128 9 hours ago
Last Post: sami92
BUYING Attended root part Kali76 0 401 February 21, 2021 at 03:00 AM
Last Post: Kali76
BUYING Attended machine writeup + Antidote and vmcrack challenge flag shakadoo 0 407 February 20, 2021 at 11:06 PM
Last Post: shakadoo

 Users browsing this thread: 2 Guest(s)