Official CrossFit Discussion

Official discussion thread for CrossFit. Please do not post any spoilers or big hints.

«1

Comments

  • Any thing found

  • *Spoiler Removed*

    Fr0Ggi3sOnTour

  • Two people have user. Damn! There goes my chances! ahahahaha

    Hack The Box

  • 1st blood after (almost) 16 hours! Tough going here clearly - about the foothold, I was wondering about the possibility of contraband on the most trafficked port - would that be possibly a path to follow?? 'Cause I've fuzzed this baby like a motherfuzzer!!!! And...nada, nichts, rien, tipota and ingenting...nothing to see on the cool horizon of http-land...lost for now - any hint on initial direction?

  • Is it about virtual hosting

  • Virtual hosting is not revealing anything for me at least. Any other pointers?

    For asking help, please describe what you have tried so far, so i don't spoil too much.
    If you believe i was able to help, please provide feedback by giving respect:
    https://www.hackthebox.eu/home/users/profile/122308

  • Attack => *******.crossfit.htb/vendor/

  • *******.crossfit.htb/vendor/
    403 Forbidden error

    Hack The Box

  • *******.crossfit.htb/vendor/****

    Hack The Box

  • How is root done after 9 hours of user, rated by two users as piece of cake?
  • Type your comment> @solid5n4k3 said:

    How is root done after 9 hours of user, rated by two users as piece of cake?

    They are being funny

    LMAY75
    Always happy to help, DM me if you need anything!
    Link to Profile

  • Funny like a clown :D
    Quote from Goodfellas :)

  • They said piece of cake since they realised it's easy

  • it seems to me it may be vulnerable to XSS s****t2 i found the cve but i did not find POC that work, any idea?

    Hack The Box

  • edited September 2020

    So, i'm currently logged in with h**k, found the vulnerability in se*****dates.*** and found a PoC for it but i can't get it to work. I appreciate any help on that matter

    EDIT: nvm! i got it

    justAhmed

  • Hi, I have tried to get the initial foothold using VHostScan but with no result. Is this a rabbithole - I mean trying to use wordlist to get a valid subdomain. What is a better approach? thx

  • I am trying to find the inital foodhold I already tried to dirsearch, dirbuster ect. but do not find anything. Can someone point to a useful tool :)

  • Could someone give me a little hint with the GET request to get a valid token? PM

    Hack The Box

  • rooted. The root part is crazy :)

    jkana101
    OSCP | Sec+ | MCSE | VCP | CCNA

  • edited October 2020

    can someone help me with root. analyzing d---g file with ghidra found function p------_d---
    what to do next. new to binary exploitation

  • I now have USER. big thanks to @justAhmed and @luca76.

    Working towards root now

    Hack The Box

  • rooted. This was very fun, educational and challenging box. Big thanks to @justAhmed and @jkana101 for helping me along the way.

    ruskii

  • Spoiler Removed

  • edited October 2020

    I had to stay awake for a long time but I finally won. Much analysis was required to reproduce the reverse step by step. Amazing. Thank you for this opportunity.

    image

  • does this machine have something to do with f** if so please help me out. Thank you!!

    image

  • edited November 2020

    I can see why this is an insane machine.

    I was stumped on root here :smile: . EDITED TO ADD: Rooted now but that was hard.

    I think I know what I need to do but I cant get it to work. It doesnt help that I cant seem to get it to give me any troubleshooting data. So there could be a lot wrong with what I am trying but I cant work out what :frowning:

    It doesn't help that the entry I am relying on seems to get wiped every few minutes!

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

Sign In to comment.