I am not totally convinced it is the DDOS exploit which crashes the server.
I am on VIP and tried as soon as the box was release with nmap sT 10.10.10.165 and port 80 was closed.
After two reset, still closed.
So i am not totally convinced it is just the DDOS.
I am not totally convinced it is the DDOS exploit which crashes the server.
I am on VIP and tried as soon as the box was release with nmap sT 10.10.10.165 and port 80 was closed.
After two reset, still closed.
So i am not totally convinced it is just the DDOS.
Same Here
Yep, I have switched vip servers, multiple resets, have not seen it open yet...
Type your comment> @minimal0 said:
> I am not totally convinced it is the DDOS exploit which crashes the server.
> I am on VIP and tried as soon as the box was release with nmap sT 10.10.10.165 and port 80 was closed.
> After two reset, still closed.
> So i am not totally convinced it is just the DDOS.
The port 80 being closed problem should be resolved. And don't ever DoS on htb.
GCIH | GCIA
If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments, or on box release night). And remember to +respect me if I helped you ; )
Got foothold and the credentials for the user, cant ssh or su to the user using the cracked credentials. Any hint on this one on how to escalate to user?
Got foothold and the credentials for the user, cant ssh or su to the user using the cracked credentials. Any hint on this one on how to escalate to user?
Comments
Type your comment> @minimal0 said:
Same Here
View my Profile
For the fucks sake.
Read exploit descriptions before using them... fucking bastards.
Weird how /e****.ht** works thought
I got in and have credentials, but cannot use it until now..
Type your comment> @c1cada said:
Yep, I have switched vip servers, multiple resets, have not seen it open yet...
Type your comment> @Gboxx said:
thats the thing... don hv any login page too in the website
Spoiler Removed
Most probably a rabbit hole. They are way too in the open
anybody found a way to use creds? or just a simple rabbit hole?
God these creds for the user d***d but they seem to be useless
> I am not totally convinced it is the DDOS exploit which crashes the server.
> I am on VIP and tried as soon as the box was release with nmap sT 10.10.10.165 and port 80 was closed.
> After two reset, still closed.
> So i am not totally convinced it is just the DDOS.
It was open for me though. Its weird hmmm
The port 80 being closed problem should be resolved. And don't ever DoS on htb.
If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments, or on box release night). And remember to +respect me if I helped you ; )
Type your comment> @Gboxx said:
No, they aren't. Try harder
Type your comment> @olsv said:
Did you ever use them? If so, I am curious about that. I rooted it without ever using those credentials.
Type your comment> @trollzorftw said:
Yep. They eventually lead to D...
got user, root is hard, i'm still enumerating
Can I get a hint about how to start user without port 80 open?
Got foothold and the credentials for the user, cant ssh or su to the user using the cracked credentials. Any hint on this one on how to escalate to user?
Type your comment> @casey said:
same here
Got initial shell, haven't found any creds, any hints?
Type your comment> @Shad0wQu35t said:
But port 80 is still closed, tried reset but not worked
Type your comment> @Ma1ware said:
try look for the folder used for html
got initial shell and found da*** credential, but unable to use su and ssh into da***. is that a rabbit hole?
Do we need the .hta***** file for getting user ?
I found creds but not worked, but found something in n...co.. and open a new page
Stuck with found creds too...
@OMYT said:
same here xD
OSCP | Stay root! | Twitter: S1lky_1337
Can someone pm me how to crack creds. I know how to use them..
Type your comment> @stoffern said:
the usual tools run within a VM will crack them in a few seconds in your VM if done properly no need for high end GPU's or anything
Сredits of user d *** d in the htp **** d file is a rabbit hole ?
https://www.hackthebox.eu/home/users/profile/148238