Seasonal machine at hack the box is a Linux instance with Apache 2.4.52.
I’ve seen a lot of people struggling to find a functional and working reverse shell after they got the initial foothold. From an initial foothold it is possible to locate credentials to connect via SSH. If you have problems finding them..read further!
This hint requires that you’ve got the initial foothold and are able to send commands/queries to the machine.
With the help of the commands/queries you can list files on the system. In order to find the “hidden” credentials the hint is short and concice:
Good luck and let me know if this hint has been of any help!