Recent Activity

Activity List

  • farfrumh0me

    Still working on offshore?

    2:20AM
  • Welcome Aboard!
    April 18
  • gaius

    Hey, I hope you don't mind me messaging you. It's regarding the "massacre" challenge. I'm really stuck on this, since my idea doesn't turn out to be something valuable. I noticed most of the r,g,b values are round (divisible by 10), and some pixels are not. Am I in the right direction? Would you spare a hint?

    1:11AM
  • Roard

    Hi Lotus! you need to change security context to read user.txt in Irked

    try ls -la as the first step

    April 18
  • osmus, Almadjus, anon151019, Roard, ARainchik and 35 others joined.
    Welcome Aboard!
    April 17
  • Sorry everyone if I don't respond to messages... I am not active on HTB these days.

    April 18
  • benseshi changed their profile picture.
    Thumbnail
    April 18
  • WhiteVoid

    hey, i am working on Irked box,

    got struck with the steg, i tried brute forcing with rockyou, nothing found :(

    where can i get the password,can you give me any hint ? from the forum i found that i can perform privilege escalation directly using SUID binaries. can you help me with that ?

    how do i run the script when i cant access anything

    April 18
  • Zekah changed their profile picture.
    Thumbnail
    April 18
  • wabafet changed their profile picture.
    Thumbnail
    April 18
  • AzAxIaL

    Heya. I was wondering if I could get some help with the initial foothold connection for Conceal.

    I understand that from the snmp-check and ike-scan results that I need to connect to the box using strongswan ipsec. I have the PSK hash which decrypts to "Dudecake1!".

    At the moment, I have this in my ipsec.conf

    conn conceal
        left=%any 
        leftsubnet=0.0.0.0/0
        right=10.10.10.116
        leftauth=psk
        keyexchange=ikev1 
        authby=secret
    

    This in my ipsec.secrets

     : PSK "Dudecake1!" 
    

    I am not sure how I am supposed to connect, as I have seen I can use ipsec start or I can use charon-cmd. Both of them produce these restransmit messages

    07[NET] sending packet: from 10.10.13.27[57426] to 10.10.10.116[4500] (920 bytes)
    09[IKE] retransmit 1 of request with message ID 0
    

    Any hints or website links would be appreciated.

    April 18
  • killerhold

    Hi,
    can you please help me with root "HELP Machine"

    April 18
  • stdclass changed their profile picture.
    Thumbnail
    April 18
  • saso

    Hey there, would you mind helping me with Irked? I have user and I'm trying to understand the output of LinEnum.sh, but I'm not finding anything useful. I know everyone is talking about a particular binary, but I can't find an interesting one. Even compared to my own Linux machine.

    April 18
  • k4ct0

    Hey dude, i need help on Help machine. What was the edit you did on your exploit? I'm having a lot of problems to find the php shell im uploading... Im looking at /support/uploads/tickets, i change my timezone but im unable to find this shell.

    April 17
  • divictus

    Hey, hope you doing great ! need some tips for querier, can you help ?

    April 17
  • k4ct0

    Hey, i need a hint on this machine. I started with the vector in helpdeskz were you can upload a file. I've checked every code (exploit, github) im sure that the path is /support/uploads/tickets what i cannot obtain is the file uploaded, the exploit tell me that it didnt find it.

    How can you obtain the url of the file uploaded?

    April 17
  • izmaglica changed their profile picture.
    Thumbnail
    April 17
  • Sudo

    Hi,
    I am working on getting querier user.txt,

    so far i have gotten credentials from the smb share and the xslm file. But i am unsure what to do with them... they dont work for impacket... can you provide a direct hint?

    thank you

    April 17
  • Welcome Aboard!
    April 16
  • kilo5150

    could I get some help with getting the creds on help? I see the site on 3000 but have no idea how to interact with it , query it. Thx in advance

    April 17
  • CJ90 changed their profile picture.
    Thumbnail
    April 17
  • wat3r

    Hi there, I saw a comment you made in the lacasadepapel thread:

    "You can obtain root without needing to use the QR code. If anyone needs a nudge in the right direction for root shoot me a PM. It's pretty easy to figure out once you stop over thinking it haha."

    I wanted to beg for a hint :) I got to the psy shell, see $tokyo, and have managed to read/write files, list directory contents, and search for files. Really stuck now - any hint you could give would be appreciated :)

    April 17
  • Seanhtw changed their profile picture.
    Thumbnail
    April 17
  • jownz

    Hi, Do you have a little hint for me on the Privesc? What do ppl mean with "the framework" - neither Metasploit nor PowerSploit give me anything useful. Thanks

    April 17
  • punxsutauwney

    Hi, I am wondering if you could help me finalizing this Grammar challenge. I have the MAC stuff and converted it, but I keep getting the page saying that only lower characters are allowed. I have used a lot of combinations in the final POST. This is my latest attempt. {"User":"whocares","Admin":"True","MAC":0}
    Encoded as base64: eyJVc2VyIjoid2hvY2FyZXMiLCJBZG1pbiI6IlRydWUiLCJNQUMiOjB9 What Am I missing here? Thanks in advance. P

    April 17
  • k903 changed their profile picture.
    Thumbnail
    April 17
  • krownburger changed their profile picture.
    Thumbnail
    April 17
  • n00bs1337

    Hi man. I am stuck in arkham. I Know wich is the vulnerability is , but not know exploit yet. Can yoy give me some hint , abou encrypt /singn payload in java faces view state ? Some link when can learn. Thx.

    April 17
  • Falconknee77

    Hey dude, Just getting stuck on lacasa hoping for a nudge. i see the 80 and https. tried to do some dns stuff with lacadepapel.htb address, couldnt find much. Scanned with gobuster and nikto to find web vulns didnt come back with much. also looked into port 6200 that came back on a nmap full scan, not much their either :(. thanks

    April 16

Howdy, Stranger!

Click here to create an account.