Official Laboratory Discussion

1356718

Comments

  • Hi guys, stuck on the g***** login page. Not figured out how to get anything from the site even with trying rate flags on the ff*f tool. Any tips ?

    n3wb1e

  • Type your comment> @blnk1 said:

    Almost giving up for tonight, poking around G***** trying to not lose it completely, if anyone wants to help/collab to beat this box hmu with a pm :)

    can anyone nudge me to get to this G thing ? am simply seeing no way .

  • edited November 2020

    Stuck after finding G***** page, I must be missing something.

    madhack
    If you need help with something, PM me how far you've got already, what you've tried etc.
    Discord: MadHack#6530

  • i don't know for a while the subdomain works correctly, but after someone reset it. the web keep gives me 502 error. is this normal?

  • If you can't find G*****... nmap is All you need ;)

  • i keep getting 502-Whoops, taking too much time to respond even after resetting ... Is this normal?

  • I can't find G*** page

  • Use nmap and u will

    madhack
    If you need help with something, PM me how far you've got already, what you've tried etc.
    Discord: MadHack#6530

  • Extremely unreliable site at the moment. Someone reset it and now it's a constant 502-fest.

  • Can someone DM me, i am getting depreciation issue on diamond on train thing.

  • Type your comment> @0xstain said:

    i don't know for a while the subdomain works correctly, but after someone reset it. the web keep gives me 502 error. is this normal?

    Me too ,what's up ?

    Hack The Box
    OSCP

  • .. We have to set up a G****** and R**** locally? :dizzy:

    skunk

    Happy to offer nudges to anyone on boxes I've done, provided you show that you've reasonably tried to understand what the goal is! If I do help, please consider giving respect!

  • It doesn't seem to be giving me any reverse connection..
    tried multiple payloads
    any nudge will be appreciated

  • The instability of the box is going to drive me nuts before I'm able to get user.

    Arrexel

  • Great box !
    User part has lots of steps which are not common for an easy rated box but they end up being cool and they help learning new technologies.
    Root part can be very easy if you spot the right thing.

    Check for writeups -> https://noxious.tech

  • Rooted! Thanks 0xc45 for an interesting peek into G***** . Keep a keen eye for root part then from inspection you should know what to do.

    alt text

  • Guys, can you DM me what command should i put in payload, just stuck at this moment :(

  • Can someone DM me for a nudge to G*****? I'm not sure what to do with this

  • FINALLY got a foothold. Please tell me user is close lmao
    Enumerated and haven't found anything too interesting.
    A nudge would be appreciated.

    zweeden

  • Is foothold based on a known vuln w/CVE?
    (Don't need spoiler/number but just beginning to wonder if researching that route since yesterday is a rabbit warren...)

  • @Baseizo7 said:
    Is foothold based on a known vuln w/CVE?
    (Don't need spoiler/number but just beginning to wonder if researching that route since yesterday is a rabbit warren...)

    a chain of them.

    zweeden

  • Type your comment> @zweeden said:

    @Baseizo7 said:
    Is foothold based on a known vuln w/CVE?
    (Don't need spoiler/number but just beginning to wonder if researching that route since yesterday is a rabbit warren...)

    a chain of them.

    Ah! Thanks.

  • Box is very unstable.
    502 errors, 429 error "Retry later"... even after resets on VIP.

  • Spoiler Removed

  • Type your comment> @bertalting said:

    Working here but stuck at L.. to R..

    Same step :D

  • What should I be doing on this G***** page? Should I be brute forcing? Or am I wasting my time with that.

  • Type your comment> @balkan said:

    Spoiler Removed

    sorry 4 the spoiler, i've a l**, i need to get a r** :neutral:

  • any nudge with user enum please

  • Rooted... the most brutal Easy box I've done here.
    Half of the battle was getting what was required for the payload.

    Solid box, but man these easy boxes are changing these days.
    Having to create a VM or find a stable docker is kind of nuts but I guess from a security professional point of view it's not that abnormal.

    /shrug

    At least it's done lol can go back to study :P

  • Well that box was a journey for an easy box. Not one of my favorites but good box over all I suppose...pm on htb or discord for some nudges if you need them.

    discord: Pal3BlueD0t#0299
Sign In to comment.