Official Worker Discussion

1234689

Comments

  • Rooted!!

  • Rooted! Great machine. I liked how it doesn't require any blind guessing - just good thorough enumeration from one point to the next. Too bad it is very slow sometimes. I wonder if it depends on number of concurrent users or some other factor?
    Anyway, congratulations to @ekenas for such great machine. It is the one I enjoyed the most from all machines I tried on HTB. And got Elite rank with it. Yay! :smiley:

    sparrow1

  • edited August 22

    I would really like to kill the r******r before he kills me :joy:

    Uf... finally got the user!

    Edit again: rooted! A bit frustrating because of poor performance. But an enjoyable machine overall, and quite realistic.

  • Need some nudge for user.

    I got a low shell and found some creds for user r****l. But I haven't been able to use it anywhere. can someone provide a nudge on how to proceed.

  • @thatjoe look over your full nmap scan.

  • Type your comment> @3DxHex said:

    @thatjoe look over your full nmap scan.

    yeah got it now. I was confused because the higher port was giving a 404 error page. so i thought it was running iis. my bad

  • Stuck at foothold. I can follow the pipelines to upload txt and js files but can't do anything useful, e.g. ps1 files return 404. what am i missing?

    For asking help, please describe what you have tried so far, so i don't spoil too much.
    If you believe i was able to help, please provide feedback by giving respect:
    https://www.hackthebox.eu/home/users/profile/122308

  • edited August 30

    Spoiler Removed

    Why 50 53R10U5

  • I believe you may find Invoke-ReversePowerShell from my repo https://github.com/tobor88/ReversePowerShell to be helpful on this one

    tobor
    Gods make rules. They don't follow them

  • rooted. thanks @ekenas for the fun machine.

  • Rooted and agree with @camk thanks for the fun box and exposure to a different attack surface.

  • rooted the box and it was a wild ride. I had no clue about the azure thingy so i needed soooo many nudges. Something i really liked is the cleanup scripts that were running in background.

    thanks @ekenas for the box.

    if anyone need any nudges, DM.

  • @tobor said:

    I believe you may find Invoke-ReversePowerShell from my repo https://github.com/tobor88/ReversePowerShell to be helpful on this one

    Just wanna say props to you for that script man. I love how it reconnects after the session borks.

  • Rooted. Great box, a lot of new things learned. PM if need hints. Thanks @ekenas :)

    Hack The Box

  • edited August 25
    Hi, just wanted to give you guys a little info about worker being so slow. Normally a server such as worker is setup in different tiers in a production environment. This was not possible on HTB since as machine creators we have to put all components into one single machine. Due to this limitation we set a hw spec for worker on which we did all the testing and it actually passed without any issues. Unfortunately there was a hardware cap applied to worker after it was tested. I don’t know why this was applied and it doesn’t really matter. The sad part is that in the end this change made the machine run out of resources (mainly RAM) causing the Sql Server to be exhausted and the web server displaying a couple of 503 errors. This in turn had major effects on the ”portal” as I’m sure most of you have seen.
    I really want to point out that when running this type of software in a production environment it is quite fast given the right amount of resources.

    After about a week almost 800 ppl have owned worker which is quite good and I hope you did enjoy it. During this time we also have run tests and measurements and have a couple of solutions on how to mitigate the performance issues. Given the fact that still quite a few people have managed to root worker I’m not sure on how HTB will apply these changes or not.

  • Might need a nudge on this box.
    Found all websites
    Found Creds and can logon.
    never worked with this technology before (which is fun) and I assume I need to upload something that talks back to me (obviously) but sure where and how (yet).. (too many options lol)

    Always happy to help others. 100% human

    https://www.mindfueldaily.com/livewell/thank-you/

  • @ekenas said:
    Hi, just wanted to give you guys a little info about worker being so slow. Normally a server such as worker is setup in different tiers in a production environment. This was not possible on HTB since as machine creators we have to put all components into one single machine. Due to this limitation we set a hw spec for worker on which we did all the testing and it actually passed without any issues. Unfortunately there was a hardware cap applied to worker after it was tested. I don’t know why this was applied and it doesn’t really matter. The sad part is that in the end this change made the machine run out of resources (mainly RAM) causing the Sql Server to be exhausted and the web server displaying a couple of 503 errors. This in turn had major effects on the ”portal” as I’m sure most of you have seen.
    I really want to point out that when running this type of software in a production environment it is quite fast given the right amount of resources.

    After about a week almost 800 ppl have owned worker which is quite good and I hope you did enjoy it. During this time we also have run tests and measurements and have a couple of solutions on how to mitigate the performance issues. Given the fact that still quite a few people have managed to root worker I’m not sure on how HTB will apply these changes or not.

    Its an awesome box @ekenas and personally I haven't experienced any performance issues (yet).
    Could be an VIP thing, I am not sure.
    Appreciate you tapping in with us and explaining the situations (kudos from me on that) keep up the awesome work :smiley:

    Always happy to help others. 100% human

    https://www.mindfueldaily.com/livewell/thank-you/

  • powershell reverse shell getting error.... need "work-king" command

    Scorpion4347

  • root....good worker ..but late respond!!!

    Scorpion4347

  • Great machine, thanks @ekenas , i really enjoyed the box because i was a developer and some mistakes you can find here are common... But the machine was a bit laggy sometimes and i got some 50X errors. After a restart, all was working fine to the end.

  • Great box! I have learned quite a few things about this technology. A bit hard due to performance. Thanks @ekenas !!

    if anyone needs a nudge, pm

  • Could need a nudge, I think I'm close to user, logged into the De*O** platform as r**** but unsure how to execute code now. The obvious idea was of course to change the build-script but that's not allowed. Guess I lack the practical experience with this platform to see the solution.

    Hack The Box

  • Type your comment> @sparkla said:

    Could need a nudge, I think I'm close to user, logged into the De*O** platform as r**** but unsure how to execute code now. The obvious idea was of course to change the build-script but that's not allowed. Guess I lack the practical experience with this platform to see the solution.

    There's a way to run scripts on this box using a markup language. Look for something Mario (yeah, the Italian plumber) uses to travel around.

  • Good fun once there aren't a lot of people on the box. Thanks @ekenas

  • edited August 26
    Before someone gets on the wrong track cause of me: it is possible to change the build.ps1 but it's not that simple. Thanks @ArtemisFY for explaining.

    Hack The Box

  • got root a few minutes ago.
    Good machine, i've learnt a lot.
    thanks @ecodb for the sanity check.

    echo start dumb.bat > dumb.bat && dumb.bat
    doh!

  • edited August 27
    An update... Looks like one of the performance fixes has been applied to worker. Hopefully this means a lot less loading screens :)

    Happy hunting!

  • Rooted finnaly

  • Rooted, thanks for this box !

    Feel free to pm me

    Hack The Box

    Write ups FR : https://hackingdom.io/

  • edited August 29

    Very interesting machine, I never heard about this service, that is good, because it is now part of my check list, so thanks to @ekenas for uploading this one

    My Hints

    User

    • Remember that time travel is always an option
    • This step was a bit disappointing to me because the Build-->Release feature was made automatically by the machine
    • Enumerate a little bit

    Root

    • Maybe you can create your own... line

    If this is spoiler feel free to remove it

Sign In to comment.