Book

Let's Read Faster :wink:

MrR3boot
Learn | Hack | Have Fun

«13456721

Comments

  • jajaja really ?

  • I'm guessing this is open source. Maybe the exploit or the service
  • Everyone ready for this one ?

    Hack The Box

  • It's my first first blood attempt, wish me luck

  • edited February 22

    good luck to everyone :smiley:

    And happy hack day! ~ . /

    ++++++++++++++++++++++++++++++++++++++++++++++++++

    Str0ng3erG3ek

    +respect me if I helped you :}

  • Let's do this!

    • Stay hungry
  • Anyone able to connect? 8 min so far and not a single second port reply received.

    Hack The Box

  • I cant even connect to any box, connection pack isn't working correctly

  • Type your comment> @alez said:

    Anyone able to connect? 8 min so far and not a single second port reply received.

    I have already logged in on the site. Not sure why people are having connection issues...


    Hack The Box
    defarbs.com | Retired Machine Writeups! - "Let me just quote the late, great Colonel Sanders, who said, 'I'm too drunk... to taste this chicken.'”

  • Type your comment> @alez said:

    Anyone able to connect? 8 min so far and not a single second port reply received.

    I can connect but the web server appears unstable. I suspect it may be throttling the service when it detects automated scans

  • I think i found the first exploit point after login

    • Stay hungry
  • oh my, a*** login. SQL Injection is not my strongest point. hope its not a rabbit hole

    Hack The Box

  • If you have a Garden and a Library, you have everything you needed.
    Hint???

  • As usual there’s no need of guessing and bruteforcing. Have fun ;)

    MrR3boot
    Learn | Hack | Have Fun

  • edited February 22

    highest port is slow as fuck. im working on the u***ad from c*****tions.php and the b****s.php, but is lagging hard

  • Is it normal for new boxes to be lagging so hard right after release, or is it specific to this one?

    choket

  • Boy this machine is stupidly slow! o.0

    Hack The Box

  • is this an unusually hard box or are the usual first blooders away on a holiday retreat? i'd like to think of @sampriti or @snowscan parasailing at an exotic destination drinking tropical cocktails with fancy umbrellas in them.

  • I couldnt see anything obvious yet but the pdfs and jpgs are the only thing i noticed unless they are a rabbit hole.

  • It has to be something related to **f upload and f******k.php...

  • found an admin page, cant do crap with it lol

  • I'm planning to start this tomorrow, but the fact that there are no bloods worries me :D

  • I think I found something that might be vulnerable but still working on exploiting it, surprised theres no bloods taken yet 😳
  • I've managed to upload a file. But I'm approaching it wrong or use commands the wrong way. Is it legal to team up? Would anyone want to?

  • Just followed another rabbit hole, just to find out the vuln is long closed. :neutral:

    Hack The Box

  • Have there ever been boxes where XSS was the foothold? I was able to get an XSS trigger to send me a cookie, but it seems the admin user doesn't interact with the feedback so I can't get their cookie...

  • Still no first blood. Has anybody managed to get a foothold yet?

  • Type your comment> @Thane121 said:

    Have there ever been boxes where XSS was the foothold? I was able to get an XSS trigger to send me a cookie, but it seems the admin user doesn't interact with the feedback so I can't get their cookie...

    This is a really good question. No box with xss to my knowledge.

    Hack The Box

  • Type your comment> @init5 said:

    found an admin page, cant do crap with it lol

    You can try to BF it :-)

    Hack The Box

  • There was one actually

Sign In to comment.