Jerry

Hi everyone, I’m giving this box a go. Is this box a bit unstable because I’m having trouble keeping myself logged in.

The box is unstable, before exploiting do a reset.

@Frey said:
The box is unstable, before exploiting do a reset.

Ah alright, I’ll try it again when it’s a bit less busy. The box is being reset every minute.

Is there only one service in this?? I’m having a hard time finding something to exploit…

After watching 90 people own this box in less than an hour and getting nowhere myself feeling pretty noobish.

That was very funny. @n00bn00b kept asking admin about machine booting up, and someone got first blood while he was asking LoL

I’m new to HTB and wanted to give this machine a go as it seems easy, but I’m stuck. Does anyone have any resources that I can go through that might help me with this box, or HTB in general?

@mobiusKey said:
I’m new to HTB and wanted to give this machine a go as it seems easy, but I’m stuck. Does anyone have any resources that I can go through that might help me with this box, or HTB in general?

The best resource is always the manual

I haven’t exploited yet, but consider this: The name of the Server is Jerry. What service is running on the only (AFAIK) port? Think of the cartoon with similar character names. I have observed that using Hydra won’t help you get a password. It’s like a game of…

@C3PJoe said:
I haven’t exploited yet, but consider this: The name of the Server is Jerry. What service is running on the only (AFAIK) port? Think of the cartoon with similar character names. I have observed that using Hydra won’t help you get a password. It’s like a game of…

Spike for sure

@dmknght said:

@C3PJoe said:
I haven’t exploited yet, but consider this: The name of the Server is Jerry. What service is running on the only (AFAIK) port? Think of the cartoon with similar character names. I have observed that using Hydra won’t help you get a password. It’s like a game of…

Spike for sure

I always liked watching him take a bite out of crime!

I hate these machines with just jerrys friend and no way to string together some exploits to get the login information. Throw me an lfi somewhere at least

didnt like this box much :frowning: was annoyed at how long it took me to find what i needed ugh

Spoiler Removed - Arrexel

@H4ck3d5p4c3 said:
didnt like this box much :frowning: was annoyed at how long it took me to find what i needed ugh

you still could have learned a lot though from searching for other stuff! :slight_smile:
cause someone had messed the machine up. before resetting it and getting access i read quite some stuff i did not know

@Shadow2Xx said:
Could once log in into the manager app, but from there I couldn’t get any further. Now I can’t log in anymore:/

Reset the machine.

Anyone I can PM about this box? I want to make sure I am on the right track.

@Shadow2Xx said:
Could once log in into the manager app, but from there I couldn’t get any further. Now I can’t log in anymore:/

As already mentioned by felli0t there are l*w life people that enjoy changing passwords. This is the second box in the row, really lame.

@packetrider said:
After watching 90 people own this box in less than an hour and getting nowhere myself feeling pretty noobish.

For everyone that is struggling with this Box, keep in mind the entry point and the name of the box, even if you don’t know the platform this was made off talking about the panel you will probably find. The panels has somehow the same name as a cartoon now you can guess what characters played over it and test that theory out. The box is easy take your time, enumerate the services locate the exploits try details into the forms and do it manually or exploit it via msf. This box should take atleast 5 mins for exploitation regarding the people who are more familiar with the specific platform that was used into the box for the members to exploit. Have fun, and keep hacking all of you!

I’ve seen a few people mention here and in the shoutbox how the password on Jerry keeps getting changed, so before I spend any time on it can anyone tell me if the password can be found somewhere or if we are meant to make an educated guess as to what it is? If we’re meant to guess it, but it keeps getting changed then it seems there is no point starting this box.