Sizzle

Those ports…

I’m inside … I hope it’s not a rabbit hole … I have a special ability to find them …

@n0m0c0navaja same than you many strange file on it… 2h im thinking: is a rabbit? but i dont found anything yet more so… idk xD

Okey now i found some cert… rabbit hole? too many rabbit on this box xD

too many hints!!! :stuck_out_tongue:

Not really a hint, we dont said where and how we be inside, and for the cert, wich one? Where? How? XD and there is many rabbit hole, maybe its a hint for jump into a hole? Idk didnt find anything really sure to give a hint ^^ anyway if its real HARD hint those comment will be removed

Ps : sorry if i spoiled or give a hint its not what i wanna do xD

Ps2: this box give me a cancer and i have rabbit ears in my head now! XD i dont think i will sleep now my brain didnt stop thinking T_T

I find it amazing- while others still scanning and try to get a picture, others already “in” - whatever that means. HTB is a great place to learn from each other - great community !

Btw. i’m still scanning and no hint for anything useful :wink:

Lot to look into. Anyone found interesting path ?

Got some users but not password so I try the obvious brute-forcing… or anyone found some credentials ?

Congratulations for @stefano118 !!! first blood 17 hours, 59 mins, 56 seconds.

Found some users… An interesting page… a lot of open ports…

No credentials.

It’s currently very slow to enumerate

Close to get a shell… x)

Getting there…

Found user + creds and other authentication things… looking for a good place to use them :slight_smile:

Edit: Got User! Now to find Privesc

Is it necessary to brute-force or can you find valid password(s) for a user ?

Bruteforce isnt the way

@backspace said:
Found user + creds and other authentication things… looking for a good place to use them :slight_smile:

Stuck in this exact spot. Credentials without any apparent use.

Edit: Figured that part out, at least.

should I be trying to get lucky here?

Is this intentional? portscan doesnt work. Without any scan not doing anything susp., half of the HTTP requests times out. Is it because of the LAB or firewall stuff?
Restarted everything. Without doing any suspicious, just trying to browse the webpage> 10/2 attempt connects.