Active any hints

1111213141517»

Comments

  • The box is easy if u know what to do and how to do it (not my case)
    1. For user, enumeration is the key. Once you find the service, just poke around.
    1.1 After you find some files, read them all...one will pop up since it contains user info.
    1.2 Google the file and you'll know how to crack the password

    1. For root, you'll have to interact with another service. This was tricky for me since I didn't know much about it.
      2.1 The forum posts and google will lead you to a red tool.
      2.2 Google what the tool is doing and you'll learn a lot about it
  • Agree with others. This was an enjoyable box from the point of view its real world. I personally had not used one of the tools before to get the required K******. Nice learning experience. Feel free to PM me if I can help anyone.

  • Thanks @Baikuya for helping me with the tips for, thank you very much that the creator blesses you! Go root now!
  • edited November 2018

    I have user already, but I'm about to go crazy because I've been trying to find out why a certain Ruby Script works without an IV (for a certain cipher) but when I try to use Op***l from the commandline it wont work without an IV. Crypto is not my strong suite, so I'd really appreciate it if someone could PM me and explain to me how the ruby script works (I'll send it to you over PM, as not to spoil anything) without needing an IV. Thanks!

    Edit: nvm I figured it out

    Hack The Box

  • Hello to All, i need help because i'm lost!
    i have G**s.xml

  • edited December 2018

    User.txt took me a short time, Trying to get root now but im totally stuck. Last thing i got isa .b** file with surely useful information in it. But its in screwed format. Not like in Base64 or anything else i saw before. Tried to open it with different extensions but none of them worked. I can really use a hint or advice right now :) Thanks

    Edit : nvm got root

  • Hi, i have done a step. i found u**r.txt.
    Now i 'm thinking how to be root, but i have not more ideas!

  • edited December 2018

    I almost have root i have the Principal and have got the H*** and am trying to run h*****t but its saying it will take 14 hours because its running in a VM and no GPU. Has anyone already run it and can give me the output, if i pass the correct command and h*** file? please PM if this is possible . Thanks

    Update: NVM i found hashcat for windows and can do it in 30 mins now :)

  • @NullDay said:
    I almost have root i have the Principal and have got the H*** and am trying to run h*****t but its saying it will take 14 hours because its running in a VM and no GPU. Has anyone already run it and can give me the output, if i pass the correct command and h*** file? please PM if this is possible . Thanks

    Update: NVM i found hashcat for windows and can do it in 30 mins now :)

    hi,I have no ideas how to be root,can you give me some hint

  • @tanghf said:

    @NullDay said:
    I almost have root i have the Principal and have got the H*** and am trying to run h*****t but its saying it will take 14 hours because its running in a VM and no GPU. Has anyone already run it and can give me the output, if i pass the correct command and h*** file? please PM if this is possible . Thanks

    Update: NVM i found hashcat for windows and can do it in 30 mins now :)

    hi,I have no ideas how to be root,can you give me some hint

    id tell you how to get root through hacking K******* but am having my sunday Roast so i think you need to figure out the Principal of hacking a certain service

  • edited December 2018

    wasted so many hours trying all out brute force here, but good box, maybe one of my least favorites. Sure i guess its realistic and i learned a bunch about AD but god damn, had no idea i could -request that much info.

    Anybody know why my python library (I*****T)'s smb client wont work with this one? i could only get one example to work. I even went in and changed the dialect directly and it seems there is no way to get it to work with 2. I got some issued creds too but couldnt login with them even for low piv. I just dont understand if the stuff was disabled intentionally here or i had some params/config wrong. I feel like ***Dump.py, ***client.py, secrets****.py should have worked but i always got a "connection reset" or "couldnt make object for session" error except on one script. not even an access denied or invalid creds.

  • Hi guys.

    I got the user but i have problems getting the root.

    I got some L*** info with i******t but i don't know what is the next step.

    Can someone hint me about this ? :(
    I will be very grateful.

  • Got root! Thanks for the creators of this box. Spent almost a month in between getting user and root. I stopped and worked on other boxes because i wasn't able to grasp the idea of K*******. Great box!

  • @Baikuya Thanks for the help on this one!

  • Type your comment> @td00k said:

    @h1tch said:
    im getting
    [-] Kerberos SessionError: KRB_AP_ERR_SKEW(Clock skew too great)
    from impact. Latest version via git clone. even ntpdate to the server to match the time. Anyone else have that issue?

    You have to change the time of your machine, try to change time like 7min back and see if it works

    Hello, my machine time is April 25, 19. I tried to change the time to 15:06:00 on July 19, 18, but I still made an error in Kerberos Session Error: KRB_AP_ERR_SKEW (Clock skew too big). Do you have any suggestions? Thank you very much!

  • edited February 13

    good box

Sign In to comment.