Active any hints



  • Is there anyone I could talk to about tips for this box? I feel like I am on the right track... but my research has lead me into what seems like a dead end.....

  • Rooted, one of the most realistic boxes here on HTB well done @eks and @mrb3n
  • edited August 2018

    Rooted !

    Very realisitc box.

    User was fairly easy - Root was quite a bit more complex but all the tools you require / hints are in this thread


  • @JunGLeJuiCe said:
    I don't want to give spoilers, but hopefully a nudge for anyone looking for Priv Esc. Went down the same route as most but saw the announcement about the patch for that vulnerability being deployed. Went back to basics, in the end, all I needed was on the Kali distro already, there are good examples. It's all about Getting to the Principal of the matter

    This hint, I finally get it. Stuck at work with no access to the labs but I'm itching to go try my new idea!


  • stuck on how to get root anybody can give me a hint how to use impacket....


  • I see there is a file share but I can only get into replication is this a rabbit hole or is this something to actually look at?


  • edited August 2018

    I need help I could decrypt the password but I cant use it anywhere...PM

    UPDATE: user flag got it!!

  • I managed to connect to replication, but my connection gets really slow after I enter a couple commands. Anyone know why?

  • edited August 2018

    Wow, this machine is driving me nuts. I'm still unable to understand fully how to get root. Learning a ton, though.

    UPDATE: Rooted. Fantastic and invaluable learning experience. All hints provided here are sufficient once you understand the process. Thank you @eks and @mrb3n!


  • @sheepkiller Thanks so much for your post regarding smb.conf. Now can finally start this machine!

  • Finally rooted this box, it was a great journey and i learnt a lot from this box.
    Hint: keep it simple and explore all the tools kali has to enumerate and penetrate A**** D*******.

  • edited August 2018

    Meant to come back and say I finally got root on Monday! The hints here were subtle but after doing research on k****** I finally picked up on them. For the first time, I find myself doing even more research AFTER getting root, because I didn't fully understand the importance of what I did. I will say this to people who are still stuck: YouTube is a surprisingly good source of information. There are lots of recorded talks and speeches from various security conferences that present information in a very easy to understand way. Sure beats the hell out of reading dry technical write-ups from Microsoft.

    I'm available for PM if anyone wants little nudges.


  • Rooted. My suggestions:

    • go deep in smb enumeration (there's a world)
    • impacket + k*******
    • h*****t

    PM for hints


    "I recognize, Mr. Reese, that there's a disparity between how much I know about you and how much you know about me. I know you'll be trying to close that gap as quickly as possible. But I should tell you... I'm a really private person."

  • SMB enumeration and knowing the principals i'ts the key in this box.

  • Rooted. Great box. Learned a lot in the process. Pushed me to research into a topic I wasn't experienced with.

  • Learned heaps from this one. Both txts can be obtained without shells, required a bit of fiddling with existing tools and installing missing dependencies, but used some new tools I haven't used before. PM if you need hints.

  • > @meni0n said:
    > I don't understand why my enum is not working. I talked to another person and their s**client was working fine but I keep getting connection reset all the time...

    Try Linux file manager
  • Finally rooted. Learned a lot from this. Great box!


  • Finally Rooted! Good machine with some new tools and new concepts to grasps

  • Any one care to PM me on priv esc. Really only looking for a Google query. I know what service to exploit via the user name and I know what I'm trying to get so I can decrypt and get a password but my Google Foo has been weak the past couple of day. Any help would be appreciated. Respect will be given.

  • Just got priv esc! Amazing box, Please HackTheBox keep these realistic environment boxes coming :)

    If anyone needs any help drop me a pm.


    Checkout my Dropbox of Goodies >>

    [CCNA R&S] [OSCP - In Progress] [Security+ - In Progress]

  • edited August 2018

    @mitm3r said:
    > @meni0n said:
    > I don't understand why my enum is not working. I talked to another person and their s**client was working fine but I keep getting connection reset all the time...

    Try Linux file manager

    Thanks... I rooted the box. The issue was with Kali linux.. for some reason the s**client from 2017.2 wouldn't work with this box.. I had to use a 2018 version

  • Can someone drop me a hint please? I got user, but got stuck with root, I think I'll need to use impacket but not sure how. Thanks

  • everyone mentioned in impacket
    but i can use Metasploit instead of impacket :)

    I don't have Signature...

  • Man, did I learn a lot on this box. Most importantly, make sure you are connected to the VPN when you're testing crap. lol. Seriously though I can give suttle hints if you need them. Just PM me.

  • Finally got root!! This machine made me a headache at root part =S. A one need to know the tools to get it or you will spend a lot of time to get nothing ^^.
    Thanks to @TheInnocent I got root part.
    I would glad to help with your questions ! PM

  • So I'm having some issues getting started. I've read all the comments here and nada. I'm trying my hand in security research and i completed the Jerry Box. If anyone would let me pick your brain that would be helpful.

  • hi all - can anyone hive me a dm for the hint i am having a user and its encrypted password perhaps but bit of a lost, seems i am in a right direction. Thanks


  • so now i can dump all users but getting errors to execute any commands via same method...


  • Rooted PM if anyone need helps.

Sign In to comment.