I never get these kind of "clues" on the website nor on the forums. Very bad at these guessing games and OSINT - and I can't find it entertaining either.
@Warlord711 said:
Should you be able to use the creds on first place on the other place ? Not sure if I need to reset again because some idiot changed the password.
I'm on EU free 1, It is giving me a login page before, but now it gives me "Check that mysqld is running." instead, is it my problem, or is it intended? or anyone of you has this problem too?
I'm on EU free 1, It is giving me a login page before, but now it gives me "Check that mysqld is running." instead, is it my problem, or is it intended? or anyone of you has this problem too?
No it is not intended. People are f**kin this machine with slegdehammers. I cannot receive a shell due to this problem.
Rooted! Really nice and fun machine!
Initial foothold: Always read some info about the author. It might hosts something interesting.
To User: You need multiple chained vulnerabilities to get that searchploit to work. Then remember all the basic enumeration.
Lateral movement: Check who listens
Root: What are you part of? Then gtfo
Foothold- Try to understand what the CEO of Cache wants to say You may fall into a rabbit hole at first as i did. But the info from rabbit hole could be useful for the future. Make notes
User- Whatever you've got in foothold, try to find its vulnerabilities and carefully understand the exploit and see what it's doing. You may have to chain up different vulnerabilities
Root- See what different things like to listen and after that f3tch what you are looking for. Then you may have to dive deep in the ocean for root
Guys someone playing with hashes?, I get both user and root hash says "Incorrect hash for Cache" ??? W***???, after all this hard work!!!!!!,
Edit:
Resetting and redoing got me the working flag, I believe there is an issue in flag rotation. I saw a couple of members complained the same earlier. @ASHacker thanks for making a good learning machine. Enjoyed it .
So, found some credentials, but they don't work for the H** part. Found a boatload of vulns for that service, but always getting an error about something missing, when I bypass authentication (and try to access any of the vulnerable pages).
Anyone willing to shed some light on what I'm missing here?
Happy to offer nudges to anyone on boxes I've done, provided you show that you've reasonably tried to understand what the goal is! If I do help, please consider giving respect!
Rooted. Overall very enjoyable box. Alot of the hints in this thread are accurate. For root, dont forget about the other user. (There seem to be multiple ways to root this box)
Comments
Stuck on root, people talk about gtfo but i tried the obvious path but nothing worked. Any hints?
I never get these kind of "clues" on the website nor on the forums. Very bad at these guessing games and OSINT - and I can't find it entertaining either.
On VIP they don't work on SS* either.
Oh hell, everyone just doesn't go to the way back machine and search for cache.htb, no one will want to see those stuff.
I'm on EU free 1, It is giving me a login page before, but now it gives me "Check that mysqld is running." instead, is it my problem, or is it intended? or anyone of you has this problem too?
Type your comment> @Kaiziron said:
No it is not intended. People are f**kin this machine with slegdehammers. I cannot receive a shell due to this problem.
Annoying when people turn services off. A certain portal that was just online has now been turned off.
Feel free to ask for hints/nudges. Just PM me what you've already done, & give respect if I help you.
I am on the box as a*** struggling to find path to L****.
OSCP | GPYC | GPEN | GWAPT | GCFA | GCIH | CISSP
Is Bruteforcing need for auth of H**?
No, just good enumeration and reading up on applicable POCs to manually perform.
OSCP | GPYC | GPEN | GWAPT | GCFA | GCIH | CISSP
it was very fun. thanks @ASHacker
Rooted! Really nice and fun machine!
Initial foothold: Always read some info about the author. It might hosts something interesting.
To User: You need multiple chained vulnerabilities to get that searchploit to work. Then remember all the basic enumeration.
Lateral movement: Check who listens
Root: What are you part of? Then gtfo
Nice box, learned a few tricks. Thanks @ASHacker! And @su1tan for the nudge
Tips
Foothold: Check every pages, it will give you the information you need to progress.
User: You will have to link multiple vulns and look back at your beginning to land the right shell.
Root: Check for services listening ports and use that to pivot, and then you will quickly find what you need to exploit
Good luck everyone!
rooted!!
Thanks for creating a nice box @ASHacker
My YouTube Channel => https://www.youtube.com/c/NatzSec
You can subscribe if you want :P
Rooted! A very interesting box for me
Hints:
Foothold- Try to understand what the CEO of Cache wants to say
You may fall into a rabbit hole at first as i did. But the info from rabbit hole could be useful for the future. Make notes 
User- Whatever you've got in foothold, try to find its vulnerabilities and carefully understand the exploit and see what it's doing. You may have to chain up different vulnerabilities
Root- See what different things like to listen and after that f3tch what you are looking for. Then you may have to dive deep in the ocean for root
Guys someone playing with hashes?, I get both user and root hash says "Incorrect hash for Cache" ??? W***???, after all this hard work!!!!!!,
Edit:
Resetting and redoing got me the working flag, I believe there is an issue in flag rotation. I saw a couple of members complained the same earlier. @ASHacker thanks for making a good learning machine. Enjoyed it
.
Profile: https://www.hackthebox.eu/home/users/profile/68523
So, found some credentials, but they don't work for the H** part. Found a boatload of vulns for that service, but always getting an error about something missing, when I bypass authentication (and try to access any of the vulnerable pages).
Anyone willing to shed some light on what I'm missing here?
GREM | OSCE | GASF | eJPT
Got root! great box @ASHacker I learned alot.
OSCP | GPYC | GPEN | GWAPT | GCFA | GCIH | CISSP
Spoiler Removed
Happy to offer nudges to anyone on boxes I've done, provided you show that you've reasonably tried to understand what the goal is! If I do help, please consider giving respect!
Why didn't this work when I tried it first time? Seems to be my curse, always happens to me.
Type your comment> @iamdevill said:
its a rabbit hole
is sh**l.p** intended?
I've rooted the box without referring to gtfobins, so I am not sure why people keep saying that.
Or maybe I've rooted the box with the unintended way.
Happy to discuss.
You can do it gftobins way or not, either way it both relate to the same binary.
PM for nudges, but tell me what you've got so far. If I helped you, remember to give respect.
P*****t p****l is turned off!
is it normal ? Or someone broked while exploiting ?
Rooted. Overall very enjoyable box. Alot of the hints in this thread are accurate. For root, dont forget about the other user. (There seem to be multiple ways to root this box)
Can anybody tell me what is the connection between H** with the machine ? or how I do so ?
Respect me if I helped U
rooted
rooted
rooted
Nice box, rooted...
if you need help, can ask me
https://www.hackthebox.eu/home/users/profile/76106