• Finally ...find the root flag ...... Its very nice machine and at somepoints its irritating me .. But overall good machine !

  • Need some help in root of ghoul I think I have the gained the max. foothold and I'm at the last stage of it

  • Well, finally rooted.

    The foothold for user was by no means a stretch of the imagination.

    Root on the other hand... Jesus Christ. I honestly can't possibly recommend this box to anyone. If you have multiple days to simply set aside and dedicate solely to this box and this box alone, go right ahead and try it. Otherwise, don't even bother. I managed user on this machine in about 2 hours, and that was almost 2 months ago. I just got root last night after an on-and-off 2 month long battle. Granted, I took multiple breaks from this (because I had to, honestly), but root took so damn long regardless...

    Best of luck to anyone else working on root for this one... It's a god damn doozy.

    Hack The Box | Retired Machine Writeups! - "Let me just quote the late, great Colonel Sanders, who said, 'I'm too drunk... to taste this chicken.'”

  • rooted, we should have a badge after root this machine.
    i want my badge !!!

  • edited August 2019


    Edit: rooted
    This box was waaaay too long. I've been at it over a week and even with some pretty substantial tips there were times where it just seemed there was no way forward. It's not hard, its just annoying,. That said this box really challenges your ability to think creatively with what is possible when your usual tools are several hops away. The box gets far more interesting the deeper in you get.

  • That's a nice compliment! Thanks for trying out the box and yes , we'll try not to make a path so tedious from the next time.

    Hack The Box

    Don't let the box pwn you!!

  • Really struggling to get past /u**s/l****.h* at the moment. I've enumerated pretty hard and seen a bunch of hints I'll be damned if I can guess my way in. Did some wordlist building with cewl and let hydra run at it for a while.

    I'm currently going back over enumeration and seeing what else I can dig up. Would appreciate a bit of a tip here though - is there anyone I can pm abou this?

  • Type your comment> @smidgey said:

    Really struggling to get past /u**s/l****.h* at the moment. I've enumerated pretty hard and seen a bunch of hints I'll be damned if I can guess my way in. Did some wordlist building with cewl and let hydra run at it for a while.

    You should see with further options go to higher port and do more enumerations its easier then u think try wht u always try (big hint there ) once ure there u will see through it

  • My journey is not finished yet it felt awesome getting the user with all the pain that i have been through from the beginning till now i would say its unfortune that this box is only 40 pts the road to root seems exhausting big thanks to @MinatoTW you made great work there i have learned alot untill now thank you

  • edited August 2019

    Thanks @lfabname, glad you're enjoying it! And don't forget egre55, it wasn't possible without him. ;)

    Hack The Box

    Don't let the box pwn you!!

  • please help me with this machine can't find the uploaded file path

  • edited August 2019

    Type your comment> @manitorpotterk said:

    please help me with this machine can't find the uploaded file path

    hint for anyone doing this box:
    Check the services, find out what are their defaults. On initial step try to put your own data there. When you get inside, check the settings of all exposed services – all of them where configured more or less.

  • Rooted; took me 3 weeks of off-again on-again attempts. Thanks to @ChiefAG for all the nudges.

    I don't even have a good hint to post for anyone struggling. Sorry, this box is certainly mind-bending.

  • It wasn't that insane. If you enjoy pivoting then it's fine.
    The creds being massively buried in a very weird and non-human way was the maximumly heavy lift here. That erased a day. Or two, or nine.
    But yea we should have a badge and it should have been a SICK looking badge.

    Good luck people of earth.

  • pps-
    Just googled maximumly. It's a word.
    Deal with it.

  • Need help finding where my files are uploaded.

  • Can anyone chuck me a nudge for user please I have user access as N*** and have a www***** shell not sure where to go from here.

    Hack The Box

  • edited August 2019

    I have been going at this box for a long time now and I have finally gotten so stuck I don't know where to go next. I could really use a nudge. I have rooted G*** and gotten the a****-***.7z.

    EDIT: I found the interesting stuff in a****-***.7z and escalated but now I think I'm one step away and don't know how to exploit k*****_adm.

    EDIT 2: nm, rooted.

  • ok, So i have the user flag, can someone help me with the root flag, I am not sure how to enumerate the box, I get i have to pivot out of the environment but unsure how to do so. any help would be appreciated :)

    Hack The Box

  • can someone give me a hint on the zip vuln

  • got user, working on root now :smile:

  • Finally rooted the box. This box was pain in the ass. Also my thanks to @v1p3r0u5.


  • who can help me ?

  • @xlxlxltt said:
    who can help me ?

    I am a novice scanner port to 8080 page password how to crack

  • Anyone around to help with root on g** running an rce but stuck as to next move, please help 🙏

    ”No questions a stupid question”
    <img src="" alt="Hack The Box">
  • edited August 2019

    Anyone available to help with RCE on G***? I can't seem to get the privesc to work? the script i am using runs fine with no errors but it has limited documentation and not quite sure what I need to look out for!

    EDIT: i have rooted G+++ found some interesting bits in the .7z file but unsure where to go from here. any pointers?

    Hack The Box

  • You've done well to come upto here human. But what you seek doesn't lie here. The journey isn't over yet.....

    Is this box trolling me or what? where the hell is this bloody root flag?!

    someone save me please...

    Hack The Box

  • It's Over! Rooted!

    Thank you @xcoder and @v1p3r0u5

    Hack The Box

  • Finally rooted.
    A very long journey for this one.
    Thank you @xcoder and @Dreadless

  • edited September 2019

    Any hint on the gogs password? I tried everything I found but no success

    edit: nvm, root. hated it a bit (waiting for the last part for several rounds to get command right: hated it a lot). but learned a lot about ssh


Sign In to comment.