Rooted. I got the foothold nice and quick then found the required details for the next user.... only to not use it and forget I'd found it. Got there eventually.
Feel free to PM for pointers.
Rooted. idk what people are talking about read a book or a novel or whatever, and I don't get how the name of the box plays into the rooting method. Maybe I missed something, lol.
Otherwise, not too easy, not too hard, just right.
I don't get how the name of the box plays into the rooting method.
Box names can mean lots of things, it isn't that common for them to relate to root specifically. Magic and Quick for example were both named as a hint to the initial foothold.
Sometimes it is even just the name of a website hosted on the target machine.
But yeah, on this box I am not sure what the name is related to.
Happy to help people but PLEASE explain your problem in as much detail as possible!
Got User 1 and User 2. Tried looking around if there's any binary or file that stands out, but couldn't find any. Not sure what the ""staying home..." tips exactly mean. I'll appreciate any sort of help.
Initial foothold took me longer than it should have taken, simply following the information given.
User1, was on right piece but ignored it first
User2, facepalm
root, once knowing where to look for, easy to find the right way
Good easy box to not get rusty (I'm ashamed of myself running in circles for hrs not finding the user1 -> user2 "transit area").
Enjoyed the release arena a lot. Box is active in seconds and you have the box for yourself.
Comments
Brute-forcing isn't the way. Just read some articles in google about the WebPage.
A Chemist doing Penetration Testing - Check the Story here: BinaryBiceps
Rooted . Easy box. PM for help!
in case anyone is stuck where I was: try
i am actually really confused for user 2 looked at so much stuff, but no result. Any hints?
> i am actually really confused for user 2 looked at so much stuff, but no result. Any hints?
What is a file that could belong to another user?
Type your comment> @limelight said:
used the find command but still nothing interesting
> Type your comment> @limelight said:
>
> (Quote)
> used the find command but still nothing interesting
Don't look at ownership. Look at contents.
Type your comment> @limelight said:
I don't get it lol
Im stuck after getting the reverse shell. Can somebody give me a hint where to search for getting the access to one of the users?
Rooted. I got the foothold nice and quick then found the required details for the next user.... only to not use it and forget I'd found it. Got there eventually.
Feel free to PM for pointers.
eJPT
Deleted.
A Chemist doing Penetration Testing - Check the Story here: BinaryBiceps
Genuinely enjoyable box and pleased that I could make progress after about 8 hours of total fail on laser.
The flow is fairly methodological. Enumeration (as always) is key and public exploits get things started.
It's a good box to practice copying files off and scripting translations between encoding.
Happy to help people but PLEASE explain your problem in as much detail as possible!
Also: https://www.nohello.com/
Got Root
For the root flag, wouldn't be able to do it without the hints in the Forum.
And even so, was looking for the wrong PRIV for hours
Rooted. idk what people are talking about read a book or a novel or whatever, and I don't get how the name of the box plays into the rooting method. Maybe I missed something, lol.
Otherwise, not too easy, not too hard, just right.
@pizzapower said:
Box names can mean lots of things, it isn't that common for them to relate to root specifically. Magic and Quick for example were both named as a hint to the initial foothold.
Sometimes it is even just the name of a website hosted on the target machine.
But yeah, on this box I am not sure what the name is related to.
Happy to help people but PLEASE explain your problem in as much detail as possible!
Also: https://www.nohello.com/
Rooted yesterday. Fun box! PM for nuggets. Let me know what you tried first though
If I helped you, I would love it if you cold +rep me on my HTB proifle.
Somehow OSCP
Also I will reply quicker on Discord. Hit me up
Fr0sty 9#9550Rooted!
PM for nudges
I got a shell and i found h***es.txt file but the content is super messed up and none of those hashes seems to be crackable... any nudges?
> I got a shell and I found h***es.txt file but the content is super messed up and none of those hashes seems to be crackable... any nudges?
You might miss something.
Check what type of Hash it in here before trying to crack https://www.tunnelsup.com/hash-analyzer/
A Chemist doing Penetration Testing - Check the Story here: BinaryBiceps
@gunroot I figured out what I was doing wrong, now I'm trying to get root, I was stuck for so long bc of stupid mistake...
It's been two days, I had no idea how many people would be trying this within the first week.
Well done, everyone
If I helped you out at all, feel free to click my badge and give +1 respect!
really easy machine but very cleaver one different than others!!! well done @ChefByzen
Got User 1 and User 2. Tried looking around if there's any binary or file that stands out, but couldn't find any. Not sure what the ""staying home..." tips exactly mean. I'll appreciate any sort of help.
Spoiler Removed
rooted, PM for help
Initial foothold took me longer than it should have taken, simply following the information given.
User1, was on right piece but ignored it first
User2, facepalm
root, once knowing where to look for, easy to find the right way
Rooted! Pretty fun box! feel free to PM for help!
Spoiler Removed
Serious? Ohh a small sploiler... Bill Joy will not be happy...
Good easy box to not get rusty (I'm ashamed of myself running in circles for hrs not finding the user1 -> user2 "transit area").
Enjoyed the release arena a lot. Box is active in seconds and you have the box for yourself.
Discord: k4wld#5627
Type your comment> @TazWake said:
Maybe relates to the user1 -> user2 "transit / passage"?
Discord: k4wld#5627