Friendzone - HackTheBox

Can someone help me enumerate port 53?

@crysthoffer pm me

Can I PM some one?

any hint for root?

I can’t find a way to get transfers only ones are lo can someone help ?

Can I someone PM for a hint on Ha Ha! something went wrong page?

finally root … very good box, learned some new things and learned to not overlook small things

Can someone help me with the DNS-Recon? I never did something like that.

Type your comment> @Treelovah said:

WHAT ARE YOU TRYING TO DO HOOOOOOMAN !

lololol i love this box.

This box is trolling me but I like it.

Are we supposed to play around with the parameters in the ha ha page or have I dug a nice rabbit hole for myself here?

I can read interesting files on the worng page, but am stuck after that. Can somebody DM me?

Type your comment> @1NC39T10N said:

Wow… this box. holes everywhere. Interesting path to user. Don’t worry about the actual timestamp or the encoded one. The “timestamp” is key, but not as a timestamp…

I know what you are saying… i found that, but am not sure where to go after that :confused:

Hello, can someone help me with what to do once I have the admin creds please?
Thanks in advance.

Type your comment> @airmonster said:

Type your comment> @1NC39T10N said:

Wow… this box. holes everywhere. Interesting path to user. Don’t worry about the actual timestamp or the encoded one. The “timestamp” is key, but not as a timestamp…

I know what you are saying… i found that, but am not sure where to go after that :confused:

Same here…

i need some help on what to do after i have found the haha! picture

Type your comment> @sk41 said:

Type your comment> @airmonster said:

Type your comment> @1NC39T10N said:

Wow… this box. holes everywhere. Interesting path to user. Don’t worry about the actual timestamp or the encoded one. The “timestamp” is key, but not as a timestamp…

I know what you are saying… i found that, but am not sure where to go after that :confused:

Same here…

You’re not alone:) Me too:)

I’m trying to avoid spoilers. I might not have succeeded. Stuck at haha?

  1. Run a normal gobuster on the 1 place where you are (/). Examine the results (there should be 5). Anything standout in terms of a name? Hopefully this will cause you to see what is happening.

  2. If you now understand what is happening, you cannot do the normal POCs. You have to stay in the same type. Use what you found in step 1 as POCs. Use the method that will let you see the originals (again step 1).

  3. Now that you understand the type limitation and have seen what you are working with, you need to find a way to get one of those “types” onto the box. Consider all ports and services. Once there, mind your location. In the place where you enumerate this service there is a hint in the output.

^ Great post.

In the place where you enumerate this service there is a hint in the output.
In particular will help a lot of people stuck at a certain point I think.

Type your comment> @1NC39T10N said:

I’m trying to avoid spoilers. I might not have succeeded. Stuck at haha?

  1. Run a normal gobuster on the 1 place where you are (/). Examine the results (there should be 5). Anything standout in terms of a name? Hopefully this will cause you to see what is happening.

  2. If you now understand what is happening, you cannot do the normal POCs. You have to stay in the same type. Use what you found in step 1 as POCs. Use the method that will let you see the originals (again step 1).

  3. Now that you understand the type limitation and have seen what you are working with, you need to find a way to get one of those “types” onto the box. Consider all ports and services. Once there, mind your location. In the place where you enumerate this service there is a hint in the output.

I feel like i have all of those pieces, but still cant put it together

EDIT: Got it :confused:

have any root hints been dropped yet?