Cache

1246717

Comments

  • Alright not even 20 minutes in and I already have a pro tip, on the wayback machine if you do what I did and search for the box, do read the title of what comes up lmfao saw more than a rabbit hole O.o

  • LMAO!!! that's not a spoiler but a fun fact! +1 for that

    Hack The Box

    discord: vicio#4677

    Always Remember MRX Rules:
    1. No System is Safe
    2. Aim for the Impossible
    3. Have fun at cyberspace and meat space

  • Found some creds but when I use them. All I get is an image. Rabbit hole?

  • I can only find authenticated exploits. Anyone want to give me a nudge? Not sure if I should be able to get admin creds

  • Nudge about creds would be nice. Fuzzed with multiple wordlists and file extensions but nothing on cache and h** sites.

  • I am Stuck at n**.h**** page. Does it have to do something with the image? Please help...

  • May I have a nudge, please? I found cred and then stuck in the n.h*** with a 4*****2.j not sure if it is a rabbit hole.

  • Type your comment> @Kaiziron said:

    May I have a nudge, please? I found cred and then stuck in the n.h*** with a 4*****2.j not sure if it is a rabbit hole.

    im stuck here too, i tried to steg the 4...2.j** file and several .j** files, but i cannot get anything :(

  • Type your comment> @rfg said:

    rooted
    Interesting machine ; good job
    user : enumerate and enumerate and enumerate and enumerate and enumerate and exploit ...
    root : remember what you see when you open the door and privesc :) like a charm
    thank you for the box

    even i rooted the box, i dont know what you mean by this and how is this related to the machine

    Arrexel
    OSCP | I'm not a rapper

  • edited May 10

    Don't go to the wayback machine and search for http://cache.htb
    It will not end well for your eyes (or maybe it will I dunno what stuff you 're into).

    Someone is also destroying the whole functionality. Please be more gentle, it requires brain not brawl. I have to reset again due to this mess.

    HINT: For the initial foothold you don't need OSINT but that author is telling you something interesting.

    ANOTHER HINT: If you found the vulnerability do not change the globals file, it breaks our experience. Modify the POC you found on the internetz accordingly.

  • Since I have the feeling that many people struggle with the initial foothold here is my tip: Don't rely on the usual enumeration tools (this time they won't really help). Enumerate manually, read carefully the information you can find on the website and try to find more information about the author

  • Rooted. If you need a nudge, DM me.

  • edited May 10

    very fine machine

    [email protected]:~# ifconfig ens160 | fgrep 10. | awk '{print $2}' && whoami
    10.10.10.188
    root

    calipendula
    for nudges ONLY on discord calipendula#1089

  • Someone can give me a little nudge: Is this REALLY osint for foothold or are you guys joking?

    Hack The Box

  • Spoiler Removed

  • Box complete. Nice box but I got root before user so I guess it was not the intended way.

    alt text

  • Type your comment> @sparkla said:

    Someone can give me a little nudge: Is this REALLY osint for foothold or are you guys joking?

    yes

    b3nn
    PM for nudges, but tell me what you've got so far. If I helped you, remember to give respect.

  • @xrchsploit I was dying laughing when I saw that on wayb too.. haha. I didn't dare explore it though.

  • Type your comment> @sparkla said:

    Someone can give me a little nudge: Is this REALLY osint for foothold or are you guys joking?

    lol this part actually took me the longest. Not OSINT but there is a clue on one of the pages. With that info think how you can discover that thing.

    alt text

  • Type your comment> @xrchsploit said:

    Alright not even 20 minutes in and I already have a pro tip, on the wayback machine if you do what I did and search for the box, do read the title of what comes up lmfao saw more than a rabbit hole O.o

    This is gold haha

  • Can't seem to find anything on google or wbm - except for that "kitty" site and a 15 years old "Parked Domain Listing". Searching for H** brings up results that make me paranoid.

    Hack The Box

  • Oh great, someone is constantly changing the password to H**...

  • Struggling for auth on h**.***. I'm looking at what look like M**** backups. Is this a rabbit hole?

  • Almighty spaghetti monster, that o*E thingy is crapping out all the time. Can't even type anything in it dies so quickly. Naturally dunno if creds are not working 'cause people are messing with it or if it's intended.

    S1ph1lys

    We are the things that were and shall be again

  • Should you be able to use the creds on first place on the other place ? Not sure if I need to reset again because some idiot changed the password.

    image

  • Rooted !

    Pretty interesting box :).

    PM if you need some nudge

  • people stop resetting the box!!!
    i have been trying to access the url for the last 15 mins and i cant!
    just terrible !

  • Same here, it's supposed to be an entertaining experience but it's not. I would really like to suggest a penalty on multiple box resets. This is not fun anymore it's just frustration.

  • always Connection Time Out

  • @dinosn yeah you are so right .Sometimes it turns into frustration :( and you spend more time fighting resets instead of enjoying enumeration and stuff

Sign In to comment.