Bastion

Rooted! Really fun box, I’m working on bettering my understanding of Windows machines and this was really informative. Learned a TON from getting user, especially ways to avoid having to use a windows VM :slight_smile: I’m grateful it was something modern as well. Thanks @L4mpje! PM me if you need any hints or nudges

Rooted! very nice box. and interesting in the setup and methods used to root it.
Took a bit of playing around with. Software is the key

Hi All,
Just registered and this was my first box, this is awesome :slight_smile:
Do we know when the box will retire? Seems like I’ll need to get another one quick before it happens so I can make it out of ‘Noob’ :slight_smile:

I found user password but don’t know what to do with it. Could use some help with this. Thanks. No need!! Got the user.txt, now on to root

where did hackerman go ?

This was an awesome machine from top to bottom.

Anyone who needs a nudge, can approach me.

The box was great! But trying to understend why some tools didn`t work for me and had to install 3d software on W*********.
Could somebody DM me to maybe discuss why ************.rb doesnt work in my case?

DM me for hints if you stuck guys :smile:

PWNED!

user was harder than root for me but I confirm it’s possible (and maybe easier) to own both user and root from Kali.
I was scaring myself when the root.txt hash didn’t work!! I had to restart the box because root.txt was modified (accidentally?!) by someone, after restarting i noticed that there was one more character at the end of the hash.

user hint: smb share enumeration + mount techniques + basic Windows password management
root hint: enumeration + google :slight_smile:

DM me for help if you want!

@L4mpje thank you for this awesome box!

Hack The Box

Finally, I was able to get the root, it was a great box, learned a lot from it. @L4mpje thank you for a great box.

DM me if you need some help!

I’m not sure what was said in the forum, but don’t waste your time working on the admin password like I did. I was building my own tool (which is fine), but there’s already help online that’ll enable you to complete this box.

Just in case anyone is stuck:

USER - requires solid enumeration to figure what’s available to connect to. Once connected, look around/more enumeration (Google any files that you’re unfamiliar with), use a well documented technique found online to be able to see more of the filesystem. From there, think about how you would like to obtain user creds.

Root - more enumeration of the filesystem with the USER access that you have. Again, google any thing that you don’t understand/find intersting. I found what I needed very quickly and setup a meterpreter reverse shell (NOT NECESSARY), but I spent hours building a tool with guidance I found online when I could have just used something already available to root the box.

Overall, this was a very fun machine. I really enjoyed the techniques.

Rooted. Nice. I did in Linux and Windows for the practice. Thanks for the script and the help with the script options @0xNoOne
Thanks for the box @L4mpje

Feel free to PM.

Rooted, all in linux… very nice box don`t get many windows boxes so it’s good to play with one

rooted without any using of windows machine, all in kali :slight_smile:
pm me if you need help .
Arrexel

Still not owned but as a newbie this article helped me a lot:

please, let me know if it is considered as a spoiler and i (admin?) will remove it.

Had a lot of fun with this today, completed all with Kali, learning loads on the way!

Type your comment> @M4t35Z said:

User: enumeration, Who is the uncle of USA?
Root: more enumeration just for 1 thing

Feel free to PM me if u stuck. (:

Ahaha…nice one about User. I’ve got the file but i’m struggling with J***, h*****t, etc…

please help with rooting. I have file. Don’t know how to crack it. why do i need windows for that if the scripts are python or ruby?

Type your comment> @kalagan76 said:

Ahaha…nice one about User. I’ve got the file but i’m struggling with J***, h*****t, etc…
Yeah I am encountering the same problem. Has anyone got any tips on how to deal with this?

Edit: I did it! Thanks to @kalagan76 for helping me with john the ripper for the user.

Juste found user password. The command with j*** is actually pretty simple.

Rooted! My first Windows machine and the first one i did without help (except the forum). I really like it, that was a great machine. I don’t get why a lot of people needed a Windows VM. I did everything under Kali and nothing was really difficult. I’m a newbie but you can PM me if you need help.