Endgame

I have tried a ton of stuff over the last several days and it seems I am stuck on step 2 and could use a nudge. Can you message me if you are willing to help? Thanks!

«1

Comments

  • nevermind

  • anyone out there working on poo? could do with someone to compare notes with.

    adyd

  • I'm working on it now... would love to share some ideas

  • On second step now :) @waywardsun did you finish?

  • Seriously though folks, if anyone wants to bang their heads on the wall with me, drop me a line.... misery loves company ;)

  • any hints for starters on where to look?

    right now, i'm trying to brute the mssql and find interesting file/dir on the iis

  • Looking for people to brainstorm with this on, as well. I'm right at the end (I think), but my Windows skills need some improvement.

    opt1kz
    https://i.imgur.com/4jXzPqJ.png
    404 Friend Not Found

  • edited January 2019

    @evandrix said:
    any hints for starters on where to look?

    right now, i'm trying to brute the mssql and find interesting file/dir on the iis

    brute not the way to go.. enumerate more on the iis

  • edited January 2019

    Every step is at its best. I stretched myself to great extent. Simply loved the endgames.

    MrR3boot
    Learn | Hack | Have Fun

  • Hey guys, is it a common thing, that websites on starting point address of XEN are not working? If no, could sime of you just vite to reset xen? Thx

    v1p3r0u5
    If you need some help => 1) Your findings so far? 2) Your conclusions? 3) Your further ideas?
    RESPECT++ if I was able to help you! => https://www.hackthebox.eu/home/users/profile/139772

    No messages on the wall please and don't message me via HTB chat, please use the forum!

  • NVM, it's working again...

    v1p3r0u5
    If you need some help => 1) Your findings so far? 2) Your conclusions? 3) Your further ideas?
    RESPECT++ if I was able to help you! => https://www.hackthebox.eu/home/users/profile/139772

    No messages on the wall please and don't message me via HTB chat, please use the forum!

  • anyone working on this? could use a nudge on the first step for P.O.O., Feel like I've enumerated everything on IIS (methods, vhosts, creds, dirs/files etc). I was able to find an interesting information disclosure vuln but am not able to connect the dots...

  • edited January 6

    Working on P.O.O, disclosed something which I may be able to look into.

    Edit: Found some interesting directories, but I don't see how I can access the info in them

    clubby789

    • GCIH
      If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments, or on box release night). And remember to +respect me if I helped you ; )
  • anyone can help me how to move ahead I am stuck at 2nd step for xen

  • @clubby789 said:

    Working on P.O.O, disclosed something which I may be able to look into.

    Edit: Found some interesting directories, but I don't see how I can access the info in them

    That's a shame.. Damn those Mac junkies and their short eight second tantrums! (or was it three?)

  • could someone help found two ways both asking for credentials still stuck at the web page :(

  • edited January 9

    Step one done, already feels like a real ride. I think I may know the path to two.

    Edit: Flags 1, 3, 4 got. Wonder where 2 is...

    clubby789

    • GCIH
      If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments, or on box release night). And remember to +respect me if I helped you ; )
  • Anyone would like to exchange notes for poo?

  • Finally finished, really excellent experience. Learnt loads about AD.
    Hints:
    1 - There are two infoleak vulnerabilities you can combine here
    2 - Follow the links
    3 - Go back to something you found earlier
    4 - Digging a tunnel will speed things up
    5 - Why guess info when you can change it?

    clubby789

    • GCIH
      If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments, or on box release night). And remember to +respect me if I helped you ; )
  • Hi everyone

    Any hint for hades after first shell?

    THX

  • XEN 3rd part, I'm getting prxxxin timeout error, I think my config are correct, any hints anyone please?, stuck there are 2 days :(

  • Can someone give a push into right direction for xen's foothold? I found bunch of places, wasn't successful in guessing, and stuck now.

  • ahh this hades initial shell is annoying if someone mess with it you lose you shell have to wait for reset

    0zxyx

  • Little hint for hades ?

    Hack The Box

  • How do you guys reset this.
    I have been waiting for a reset for a long time and the vote is 1 of 5 so far.
    is that mean I will need to wait until other four vote on the reset?
    I don't understand the sense behind this.
    can't we get anyone in the management to override that?

  • @mimo said:

    How do you guys reset this.

    With difficulty

    I have been waiting for a reset for a long time and the vote is 1 of 5 so far.

    Yeah - you can do things like post on the shoutbox or twitter asking people to vote.

    is that mean I will need to wait until other four vote on the reset?

    I've voted now as well, hopefully others will see it and vote.

    I don't understand the sense behind this.

    I cant answer that. With the endgame, they probably dont want people resetting as rapidly as they do with free boxes as some attacks can be super complicated. But, I dont know if that would be a problem.

    can't we get anyone in the management to override that?

    I dont know.

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • edited September 15
    @TazWake

    Thanks for taking the time to answer that and thanks for voting to reset.
    I hope enought people will do the same.
    the trouble is when a machine gets compromised it becomes unstable and any test result becomes unerliable, let alone naughty hackers removing files and tampering with services they should just leave alone, only for the joy of causing mayhem for other and here the reset is a necessity.
  • @mimo said:

    @TazWake

    Thanks for taking the time to answer that and thanks for voting to reset.
    I hope enought people will do the same.
    the trouble is when a machine gets compromised it becomes unstable and any test result becomes unerliable, let alone naughty hackers removing files and tampering with services they should just leave alone, only for the joy of causing mayhem for other and here the reset is a necessity.

    Totally agree, it is a frustration. People make mistakes - I've bricked them before and kind of ruins it for (sometimes) weeks until enough people realise and reset. Its even worse if you break it at a later stage as no one even notices.

    Hopefully the discussion will help!

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

Sign In to comment.