Endgame
I have tried a ton of stuff over the last several days and it seems I am stuck on step 2 and could use a nudge. Can you message me if you are willing to help? Thanks!
Sign In to comment.
Quick Links
Categories
- 3K All Categories
- 2.1K Discussion
- 1.1K Machines
- 424 Challenges
- 15 RastaLabs
- 95 Exploits
- 23 Programming
- 478 Off-topic
- 877 Tutorials
- 495 Writeups
- 89 Video Tutorials
- 132 Tools
- 159 Other
- 24 Links
- 24 News
Comments
nevermind
anyone out there working on poo? could do with someone to compare notes with.
I'm working on it now... would love to share some ideas
On second step now
@waywardsun did you finish?
Seriously though folks, if anyone wants to bang their heads on the wall with me, drop me a line.... misery loves company
any hints for starters on where to look?
right now, i'm trying to brute the mssql and find interesting file/dir on the iis
Looking for people to brainstorm with this on, as well. I'm right at the end (I think), but my Windows skills need some improvement.
brute not the way to go.. enumerate more on the iis
Every step is at its best. I stretched myself to great extent. Simply loved the endgames.
Learn | Hack | Have Fun
If you need some help => 1) Your findings so far? 2) Your conclusions? 3) Your further ideas?
RESPECT++ if I was able to help you! => https://www.hackthebox.eu/home/users/profile/139772
No messages on the wall please and don't message me via HTB chat, please use the forum!
If you need some help => 1) Your findings so far? 2) Your conclusions? 3) Your further ideas?
RESPECT++ if I was able to help you! => https://www.hackthebox.eu/home/users/profile/139772
No messages on the wall please and don't message me via HTB chat, please use the forum!
Anyone still working on this? xD
https://www.hackthebox.eu/home/users/profile/78568
anyone working on this? could use a nudge on the first step for P.O.O., Feel like I've enumerated everything on IIS (methods, vhosts, creds, dirs/files etc). I was able to find an interesting information disclosure vuln but am not able to connect the dots...
Working on P.O.O, disclosed something which I may be able to look into.
Edit: Found some interesting directories, but I don't see how I can access the info in them
If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments, or on box release night). And remember to +respect me if I helped you ; )
anyone can help me how to move ahead I am stuck at 2nd step for xen
https://www.hackthebox.eu/badge/image/1016
@clubby789 said:
That's a shame.. Damn those Mac junkies and their short eight second tantrums! (or was it three?)
could someone help found two ways both asking for credentials still stuck at the web page
https://www.hackthebox.eu/badge/image/1016
Step one done, already feels like a real ride. I think I may know the path to two.
Edit: Flags 1, 3, 4 got. Wonder where 2 is...
If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments, or on box release night). And remember to +respect me if I helped you ; )
@clubby789 any progress on step 2
https://www.hackthebox.eu/badge/image/1016
Anyone would like to exchange notes for poo?
Finally finished, really excellent experience. Learnt loads about AD.
Hints:
1 - There are two infoleak vulnerabilities you can combine here
2 - Follow the links
3 - Go back to something you found earlier
4 - Digging a tunnel will speed things up
5 - Why guess info when you can change it?
If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments, or on box release night). And remember to +respect me if I helped you ; )
Hi everyone
Any hint for hades after first shell?
THX
XEN 3rd part, I'm getting prxxxin timeout error, I think my config are correct, any hints anyone please?, stuck there are 2 days
Profile: https://www.hackthebox.eu/home/users/profile/68523
Can someone give a push into right direction for xen's foothold? I found bunch of places, wasn't successful in guessing, and stuck now.