edit: That was easier than I thought it was going to be.
User: took me longer than it should have because I was for sure the method I was trying to get a foothold was the correct method, but I just couldn't get it to work
Anyone else having issues with the box? I assume the servers are just begged down
I am not able to use the release area VPN connection ... it's just getting connection resets. The other VPN connection (ProLab, regular machines) work.
(so this is how a machine release look like haha! silent and intense)
why shoutbox and machine page not showing same result regarding bloods im confused
thx for the box! got user :-) , searching for root now .. (easy seems to be easy again..)
hat some issue with getting ip on "Release Arena" switch after some failure to my default vpn environment .. < is this an issue or iam doing something wrong her ( download vpn pack spawn vm ...tried to connect...)
Got user, but am I barking up the wrong tree with s---l----s.s-? I'm pretty confident I have a helpful input line, but I don't see what triggers s---l----s.s- to execute. My line is just sitting there and the lines don't seem to be being blanked out. (I can trigger the thing add its own 'normal' lines, too, but I can't seem to trigger s---l----s.s- to read it...)
EDIT: Oops; I realize now that I broke it when I was poking around. In case anyone else makes the same mistake I did, just make sure you don't accidentally delete/recreate the file that it's reading. (I didn't realize it was being triggered by in---n.) Rooted; fun box, thanks!
the server executes commands based off of user input. think of exactly what commands are being run on the server (with arguments), and search for vulns from there
I'm getting an error when I try to set the OS to Linux on the webapp, is everybody having the same issue? Just trying to figure out if I'm on the right track.
Comments
1h left
Security+
so excited
Anyone else having issues with the box? I assume the servers are just begged down
edit: That was easier than I thought it was going to be.
User: took me longer than it should have because I was for sure the method I was trying to get a foothold was the correct method, but I just couldn't get it to work
Root: pretty straightforward and obvious
Type your comment> @B3LL470R said:
I am not able to use the release area VPN connection ... it's just getting connection resets. The other VPN connection (ProLab, regular machines) work.
Did I ever mention that I'm horribly bad, when it comes to web? And this supposedly easy machine proves me right, again
GREM | OSCE | GASF | eJPT
(so this is how a machine release look like haha! silent and intense)
why shoutbox and machine page not showing same result regarding bloods im confused
thx for the box! got user :-) , searching for root now .. (easy seems to be easy again..)
hat some issue with getting ip on "Release Arena" switch after some failure to my default vpn environment .. < is this an issue or iam doing something wrong her ( download vpn pack spawn vm ...tried to connect...)
have fun :-)
Can anyone please give me a hint?
Can anyone give me a hint for bypassing the fi****?
started to teach my kid HTB - would this be a suitable box for an absolute beginner? We gonna do it together tomorrow.
just realized I missed my only chance for first blood in a year
lol rofl
If someone is able to give me a hint for foothold, I'd appreciate one.
Try harder.
If you like my advice, please give me some respect! Thanks!
Message me on discord: godylocks#5721
Thought I'd blow past this one but stuck at foothold
Do we need to go after the upload? I can't seem to find mine. Tried tinkering with other fields but to no avail.
EDIT: just rooted. this box is really meta. Jesus
any possible hints? 3 hours lead to nothing so far
Got user, but am I barking up the wrong tree with s---l----s.s-? I'm pretty confident I have a helpful input line, but I don't see what triggers s---l----s.s- to execute. My line is just sitting there and the lines don't seem to be being blanked out. (I can trigger the thing add its own 'normal' lines, too, but I can't seem to trigger s---l----s.s- to read it...)
EDIT: Oops; I realize now that I broke it when I was poking around. In case anyone else makes the same mistake I did, just make sure you don't accidentally delete/recreate the file that it's reading. (I didn't realize it was being triggered by in---n.) Rooted; fun box, thanks!
Must be missing sth... take longer than expected on foothold. Can anyone give me a nudge?
EDIT: rooted. could've done faster but anyway. Thanks 0xdf for creating the box.
the server executes commands based off of user input. think of exactly what commands are being run on the server (with arguments), and search for vulns from there
rooted! Good easy box. Thanks 0xdf
Can someone give me a bump? i think im making foothold harder then it has to be. Did you need to use burp?
Nop burp is not used here
Got user. Any hint for the next step?
Any have a link can be useful or the link can give more information about the attack vector?
Thanks.
A little hint for me for user:
Please make sure that you are using the latest version of Metasploit.
I'm getting an error when I try to set the OS to Linux on the webapp, is everybody having the same issue? Just trying to figure out if I'm on the right track.
rooted, nice box, finally a real "easy" machine
rooted. good box. overlooked privesc for a while but it's pretty straightforward.
Happy to help. If any of my rambling is useful consider leaving some respect.
i always get an error in OS linux. annoying.
great box thanks @0xdf
[email protected]:~# id uid=0(root) gid=0(root) groups=0(root)
Rooted, thanks to the creator of the box.