Bastion

Got my 20 points for this fantastic and realistic box. Thanks @L4mpje for the work <3

User part is easy to do from a Linux box. No need for a vm or to download the big files. Google and Stackoverflow are your friends here.

Root part was tricky without a windows vm. But thanks to the work of @kmahyyg i owned the box completely from Linux. Thumbs up for sharing your work.

@kmahyyg said:
If spoiler, Please feel free to remove.

The last step to get root, I developed a small software to help you solve it without using Windows, Open-Sourced here: Link Hidden

Download the release, and run it according to README.

PM me if you need help.

can anyone guide me in mounting the files?
i have been trying guestmount so far but it just shutdown after a while and doesn’t create any files. also i can’t download it coz my net really unstable and having limited data.
any nudge in mounting it properly will be very helpful.

Type your comment> @vivek7497 said:

can anyone guide me in mounting the files?
i have been trying guestmount so far but it just shutdown after a while and doesn’t create any files. also i can’t download it coz my net really unstable and having limited data.
any nudge in mounting it properly will be very helpful.

PM me the command you used. Guestmount worked for me …

Very Good Machine, Today I learned a lot about so many things. Thanks to @L4mpje
If anyone needs help feel free to ping me. :slight_smile:

Do you need to do anything with the VHD to get user?

@pmarable123 said:

Do you need to do anything with the VHD to get user?

Yes you need to do something with the vhd file. But please it’s not necessary to download the files. Try to mount the vhd over the network.

Once your inside, take advantage from have access to all system files and use a basic vulnerability to get the user login credentials.

If you get stuck, feel free to contact me.

I mounted the files successfully and now I need to look for required data.

…nevermind, missed a step

Big shout out @L4mpje for a great box, demonstrating how information leak can lead to demise.
Thanks to those who helped (you know who you are), and no thanks to me for trying "Linux all the way through :slight_smile: . . . .ones journey continues

got user, on my way towards root !!

learnt a lot about vhd files and mounting them an stuff. Nice box

i am going through the discussions here, and for some reason i have started to feel that i can’t do it on linux machine. I got user hash though but seeing the discussion, i am afraid i won’t be able to get root. ■■■■.
is windows VM really that necessary?

Type your comment> @vivek7497 said:

i am going through the discussions here, and for some reason i have started to feel that i can’t do it on linux machine. I got user hash though but seeing the discussion, i am afraid i won’t be able to get root. ■■■■.
is windows VM really that necessary?

I tried on Linux for a long, long time. Switched to Windows last hurdle

@CyberTinker said:

Type your comment> @vivek7497 said:

i am going through the discussions here, and for some reason i have started to feel that i can’t do it on linux machine. I got user hash though but seeing the discussion, i am afraid i won’t be able to get root. ■■■■.
is windows VM really that necessary?

I tried on Linux for a long, long time. Switched to Windows last hurdle

As mentioned before, it is definitely possible to own the box completely from Linux. No need for a windows vm.

@mab said:
Root part was tricky without a windows vm. But thanks to the work of @kmahyyg i owned the box completely from Linux. Thumbs up for sharing your work.

@kmahyyg said:
If spoiler, Please feel free to remove.

The last step to get root, I developed a small software to help you solve it without using Windows, Open-Sourced here: Link Hidden

Download the release, and run it according to README.

PM me if you need help.

PM me if you need help.

ROOT’ed today - thank you @L4mpje for this box :slight_smile: learned some new stuff

@L4mpje thank you so much for this fun and realistic box! As a total n00b, this helped me a lot on getting a better understanding around Win Enum as my world is mainly unix. Looking at all the boxes upload to HTB, to me it seems it is a first!

Can anyone with the root flag open the Bastion writeup on HTB github walkthrough repo?
I have the root flag but for some reason it’s not working:

@lduros said:
Can anyone with the root flag open the Bastion writeup on HTB github walkthrough repo?
I have the root flag but for some reason it’s not working:
https://github.com/Hackplayers/hackthebox-writeups/tree/master/machines/Bastion

Nevermind it’s been reported.

Can any one direct me in decryption of the password obtained from Co****.*ml file. I have Google a lot and tried various methods, no luck.

Type your comment> @kmahyyg said:

If spoiler, Please feel free to remove.

The last step to get root, I developed a small software to help you solve it without using Windows, Open-Sourced here: Link Hidden

Download the release, and run it according to README.

This saved me. This is the way to go if you want an only Linux solution.