Player

Comments

  • Brilliant box, learned so much. The video part is really cool.
    USER: make sure you view each file source, it’s all there, just make sure you make notes along the way; further on, when stuck, try to review files you weren’t able to view earlier.
    ROOT: Standard enumeration just watch what system is doing and try to take advantage of it.

  • edited September 2019

    Got User in a couple of hours. Uff! Now going for Root. Beautiful, hard OSCP-like box so far. Bravo, @MrR3boot!

    Tip: Enumerate the hell out of it and write down everything (errors, CVEs, filenames, I mean e v e r y t h i n g).

    EDIT: Rooted. At first, I had limited write access to the filesystem, but in the end I switched to another "something". God, how could I have missed that? Guys, always stick to the basics, don't complicate things, and, who knows, one day you might escape your "destiny".

  • Interested in what people recommend for vhost enumeration tools. I haven’t had any luck getting one of these going.


    OSCP | PMP

  • @sneakypanda said:

    Interested in what people recommend for vhost enumeration tools. I haven’t had any luck getting one of these going.

    Wfuzz

  • @sneakypanda said:

    Interested in what people recommend for vhost enumeration tools. I haven’t had any luck getting one of these going.

    dnsmasq + gobuster. Worked like a charm.

  • edited September 2019

    Very cool and funny box. As I understand it, there is a possibility to root the box without getting user. If you have questions just PM me, I can help you :)
    Basic hint: A lot of enumeration of names/services/versions/files

    If you need help with something, PM me how far you've got already and what you've tried. I won't respond to profile comments. And remember to +respect me if I helped you <3

  • Spoiler Removed

  • Rooted. Thanks, @MrR3boot for such a great machine.
    User - A lot of enumeration and googling. Google every piece which you find odd. It will be a long ride.
    Root - Very easy. Took me just 5 mins. Look closely at the processes and dots will connect.

  • Hey, can I PM someone about the path for the initial foothold exploit?

  • Nice box @MrR3boot! User was really nice, got stuck a couple of times. Root wasn't that hard compared to user.

  • edited September 2019

    @MrR3boot Thanks for this box, I really appreciated the experience :)

    *I actually feel I gained more knowledge from the root part than the user, but user was fun fun fun.

    -All hail the Potato-

  • User is really torturous; had to dive into the source for this one.
    Root was really easy though.

    Thank you for the box @MrR3boot

  • @ScreenSlav3r said:

    @sneakypanda said:

    Interested in what people recommend for vhost enumeration tools. I haven’t had any luck getting one of these going.

    Wfuzz

    I've tried that without luck. Think I must be looking in the wrong place. Would appreciate a nudge.


    OSCP | PMP

  • Try Smarter @sneakypanda. Thanks for the feedback @weelye, @Ketil , @mooncak3, @gustystream, @combinator, @hackforfun and @Kucharskov. Hope you had fun with the box.

    MrR3boot
    Learn | Hack | Have Fun

  • Great box!! Finally rooted, thanks to @MrR3boot!!!!!!

  • edited October 2019

    Is there anything to do with the default domain, or is it just a rabbit hole?

    EDIT: nvm, got it.

  • Spoiler Removed

  • edited October 2019

    I have absolutely no idea how people guessed right way to file in process.
    If you are trying to enumerate all what you can, and then somehow combine it to way-to-go this is not that kind of machine, at least it is not for foothold's file in process.

  • edited October 2019

    Okay, need a nudge. I don't understand what I am missing.
    So, enumerated vhosts. Have a few of those found. One seems pointless as it is just JavaScript and pictures. Read through the text though. It looks like a hint that I don't get. With two others I feel like I did everything I could, but I can't guess the creds for the d**.****er.htb and can't find anything at st****g.****er.htb. Found bak file, but I have no idea where to use the string from it.
    Could somebody give me a hint? I am very confused with all of the enumeration here.

  • edited October 2019

    Do we need a special wordlist in order to crack the hash for the web service on d*?
    UPDATE: others said that rockyou should work for everything here at HTB, so there should be another way in, not just cracking the hash.

  • I'm really stuck on getting anything that the hints from the c*** vh*** are saying. I have gobustered everything and looked at everything, but just can't see where to go next. I feel like the response from the con****.p** is telling me something but I just don't know what to do with it. Ahhhhhhh

  • edited October 2019

    What could possibly be done with this uploading?
    EDIT: Without knowing how uploading works it is really hard to highlight a useful vuln from tons of strange search results.

  • I've just started exploring, however I'm having timeouts with this box on the VIP server.
    Rebooted - still doesn't work.
    Is it a bug or a feature? :)

  • Got some creds and now stuck at l*ll. Trying to escape but very few doors. Any hint would be appreciated.

  • Awesome box, just rooted, thanks so much @MrR3boot, one of the harder boxes that I've done but super satisfying!

  • @bluealder Glad that you enjoyed it :)

    MrR3boot
    Learn | Hack | Have Fun

  • edited October 2019

    Finally got root... Thank god! It was such a looong road...
    But I loved this machine! Even though it was so frustrating most of the time, it also felt incredible every time you got to the next step. Loved that! Exploit for the web got me so excited, I've never seen such a cool vuln. Plus root was easy and fun.
    Thanks big time to the @vsamiamv for all of the tips!
    And thanks to the @MrR3boot for the machine!

  • Nice play @FatPotato

    MrR3boot
    Learn | Hack | Have Fun

  • edited October 2019

    Awesome machine @MrR3boot. This was my first 40 points machine and I learned a lot. I thank @MrR3boot, @weelye, @Kucharskov for hints. User was a long way. Root was obvious and easy, though there are a few other ways for root, but I know only one.

    PM me if you need hints!

  • Welcome @shadyR . Good work :)

    MrR3boot
    Learn | Hack | Have Fun
