• Why people are pushing their own shell when there's already one?
    Got user.
    Going for root, but I keep getting kicked out by so many resets to the box.

    Hack The Box

  • Failed to de******
    Am I in the right path?

  • edited March 2020

    The amount of resets is infuriating :anguished:

    Trying to just reproduce my steps to complete writing my notes, and by the third time can't complete.

    EDIT: And just now someone deleted an important file. :lol: Now I'll ask for a reset. :neutral:

  • Rooted, PM for help
    P.S. For the love of god, stop resetting this poor box


  • Finally got it. Feel free to DM for help and/or ping me on discord.

    Discord: Ursa#1337


  • Very rarely come to the forums, felt like I had to this time. People on VIP servers are constantly resetting the box....

  • What is so special with this box and so many people reset it?

  • Because they are idiots

  • Not a bad box. I liked the small OSINT part.
    Took me a bit more than 20 minutes to get user and root, so definitely a refresher after the hole Insane boxes...

    Even though I don't think anyone should need hints on that box, PM me if needed... ;)

  • Rooted!
    In a race against time and people :smiley:

    Hack The Box

  • Easy box even for a noob like me, but very fun nonetheless, and also learned something new.
    The only frustrating thing is people keep resetting it or overwriting stuff. So my suggestion is to write down your commands so you can copy-paste em when you will have inevitably to restart from the scratch :tired_face:

  • Cool box, useful to refresh some basics in priv esc

    For user:
    Search that comment

    For root:
    Maybe something is writable

  • Just got root.txt
    Jeez so instable terrible ..

    Cool box @Xh4H
    But cudos to the author :)

    Just people spoiled the good intentions by resetting and deleting and overwriting stuff :(

  • edited March 2020


    [email protected]:/# id
    uid=0(root) gid=0(root) groups=0(root)
  • Thanks for your words! Indeed resets are crazy. I did not expect users to remove necessary files from foothold, and so on.

    So, at the time writing this, I am running a few small changes on permissions to ensure the stability of said files.

  • Going to get back for root in the middle of the night, when people are not messing with the box.

    If my comment somehow helped you, you can show your appreciation with a Respect :)

  • Resets are crazy, webshell is down

  • I'm actually very disappointed in this crowd who are deleting files for no reason and even deleting some very crucial parts of this box. It partially feels like it's an attempt to DOS other people from working on the machine which is unacceptable. It's not the moderator's fault or anyone else's fault except those who are intentionally deleting things to prevent others from moving forward. You're not impressing anyone, just hindering others from making progress. Not even sorry for the rant because I'm sure I speak for a lot of people who may think the same right now...

  • edited March 2020

    @Xh4H Thanks a bunch for stabilizing the box, it's been unplayable since last night. Will try again now


    We are the things that were and shall be again

  • Rooted. Decent, actually easy difficulty box. Kudos to creator :)

    My only complaint is like the others above: it's really easy to mess up the box, by modifying the crucial parts. Also, contestants leave traces all over the place, leaving unintended hints for everyone else. Which is a shame because the box can be done very cleanly but most of the crowd seems to lack decency or skill to do so. And I've been working on VIP, it's scary to think what's happening on public servers.

    At least dev/nulling the .bash_history would be a good idea. Also, preventing a certain executable from being writeable might bring some order to the machine.

    Low priv user: OSINT, then basic enumeration
    User: Basic enumeration. then you might need to learn new language revshell. The breadcrumbs are there in case someone missed one of the most basic recon commands
    Root: Find editable executables, thing when they can be executed, exploit

    PM for nuggets.

  • @HumanFlyBzzzz said:

    @Xh4H Thanks a bunch for stabilizing the box, it's been unplayable since last night. Will try again now

    The changes will be live tomorrow, we usually leave saturday and sunday with the boxes as-they-are unless something critical happens. Hopefully the amount of resets go down tomorrow... I have also removed wall binary as i have heard a lot of people are abusing it...

  • Rooted: nice box thanks. Learned something new with the priv esc.
    Standard dir busting wont yield much for the foothold. Focus on the source of the matter.

    Sadly the box is getting corrupted due to ppl screwing up commands.

    alt text

  • edited March 2020

    Interesting Box, definetly something new I haven't encountered before.

    User: OSINT, use the information that the box provides you (no bruteforcing required)
    Root: Enumerate. Timing is all you need.

    For nudges feel free to pm me

  • edited March 2020

    Fixes incoming ...

  • I am pretty new to OSINT, need help for initial foothold.

  • edited March 2020

    For automating (in the face of people resetting the box):

    1. Burp suite copy as curl (or your browser)
    2. One off SSH commands: (heredocs are cool to learn about anyway ^^)
  • edited March 2020

    Got in through what was already there, struggling to move forward because of people DDoSing/resetting/griefing the system.

    edit: reset again. want to scream.

  • Guys pls fgs do not reset the machine :(

    Hack The Box

  • Rooted.Thx :) Nice box


  • maaann too many trolls. Waiting for those fixes to take effect from @Xh4H :)

    Hack The Box

Sign In to comment.