Official Doctor Discussion

Official discussion thread for Doctor. Please do not post any spoilers or big hints.

«13456789

Comments

  • 80% sure I know what the service is going to be

    LMAY75
    Always happy to help, DM me if you need anything!
    Link to Profile

  • Rock the show.
  • Yea but I can't access it...

    LMAY75
    Always happy to help, DM me if you need anything!
    Link to Profile

  • Anyone got past the login portal yet?

  • RCE. I hav got but no creds

  • Type your comment> @cmoon said:

    Anyone got past the login portal yet?

    Which one?

    LMAY75
    Always happy to help, DM me if you need anything!
    Link to Profile

  • 30+ minutes of scanning and no single port open.

  • Spoiler Removed

  • Why we can't access that thing on that port?

  • GG to 2 First blood

  • Type your comment> @LeChatP said:

    GG to 2 First blood

    damn it

    LMAY75
    Always happy to help, DM me if you need anything!
    Link to Profile

  • edited September 26

    Some hint to get a foothold ?

  • I can't figure out these creds... Is it gonna require X** injection?

    A hint would be appreciated

    LMAY75
    Always happy to help, DM me if you need anything!
    Link to Profile

  • Type your comment> @LMAY75 said:

    I can't figure out these creds... Is it gonna require X** injection?

    A hint would be appreciated

    I don't think X** will do...
    It requires a client right ?

  • Type your comment> @Karthik0x00 said:

    Why we can't access that thing on that port?

    I'm wondering why too !

    Why 50 53R10U5

  • I found the default creds but as mentioned on various sources, they won't work remotely. And the response implies that the default password has not been changed. So that might help in priv esc later on. That also rules out brute force which sometimes works on easy boxes.

    Then what is left is to find some other user and their password, or try to get something back from that communication channel.

    Any hints or nudges appreciated.

    For asking help, please describe what you have tried so far, so i don't spoil too much.
    If you believe i was able to help, please provide feedback by giving respect:
    https://www.hackthebox.eu/home/users/profile/122308

  • Type your comment> @tang0 said:

    I found the default creds but as mentioned on various sources, they won't work remotely. And the response implies that the default password has not been changed. So that might help in priv esc later on. That also rules out brute force which sometimes works on easy boxes.

    Then what is left is to find some other user and their password, or try to get something back from that communication channel.

    Any hints or nudges appreciated.

    where u found ?

  • Type your comment> @tang0 said:

    And the response implies that the default password has not been changed.

    No it doesn't

    LMAY75
    Always happy to help, DM me if you need anything!
    Link to Profile

  • Type your comment> @exord26 said:

    I found the default creds but as mentioned on various sources, they won't work remotely. And the response implies that the default password has not been changed. So that might help in priv esc later on. That also rules out brute force which sometimes works on easy boxes.

    Then what is left is to find some other user and their password, or try to get something back from that communication channel.

    Any hints or nudges appreciated.

    where u found ?

    Google

    For asking help, please describe what you have tried so far, so i don't spoil too much.
    If you believe i was able to help, please provide feedback by giving respect:
    https://www.hackthebox.eu/home/users/profile/122308

  • If I only had creds for S****k, there is so much to do with that MGT port :)
    I specialize in S****k and it is really cool to see a box here with S****k. Just cant seem to find the creds. Anyone got anything?

    ruskii

  • I Only Need Creds To Get RCE , Guys Any hints ?

  • Hav u tried default

  • Type your comment> @Cmdking01 said:

    Hav u tried default

    default creds don't work , they are disabled to work remotely !

  • is this supposed to be a brute force box? or careful enumeration

    ruskii

  • so any of you guys any luck :)

    Hack The Box

  • I guess I´m closer to get the RCE with PyS****W*2 but I can not find the User and password . should we user a List of user and password Brutefoce ?

  • edited September 26

    Spoiler Removed

  • It wasn't spoiler dude

Sign In to comment.