• Rooted! It was a good box for an AWAE student
  • So much fun!
    Hmu for hints.

  • I enjoyed that. There were several "wtf now" moments and getting the payload to work without any feedback was infuriating.

    PM if you need hints.

  • Well crafted box! Enough clues to lead you around and pays off in the end to read things. Lots of fundamental stuff to learn here for many, but not so tedious to be (overly) frustrating.

  • Type your comment> @nullorzero said:

    I am stuck at user. I have creds, token and one place to use them. Still stuck.
    Asking kindly for help.

    Same boat. I know where the vuln is, but the obvious exploit doesn't seem to work.

  • Type your comment> @extincted said:

    Found some creds, and at token. Used the credentials. Need a pointer of what to do. Feels like I am missing something. DM me if you got some spare time :)

    Same situation here, can someone DM? Thanks in advance.

  • Hi, I found creds and so token, successfully added elements to the dB via b**w, but I have no clue what to do next to get to the system.
    Could someone give me a little hint, like on what should I focus on?
    of course I don't wanna be spoiled, I want to learn by myself :)

  • Can someone please PM me about the syntax for a shell. I'm getting some really weird responses back and can't seem to connect.

  • edited July 2019
    Finally I understand what I have to do and can continue. User hint: EVALuate the code.
    Edit: got root shell, looking for user and root hashs. :p (is a jail)
    Edit 2: got user, now fight to get root.
  • i'm root but where is the hash? ahaha

  • Hi anyone! I have a sh***l in the d****r con******er, found db c*******s, but no idea how to move forward:( Please, give me a little nudge to the right direction via PM:(

  • edited July 2019

    Hi, can you guys let me know if privesc to root is related to v***t s*****s? I am running mad with privesc :(

    Later edit , it is related ... used the one liner found in one of the documents , could not make it work with other otp instructions.

    Even if box is rooted with no help I did not understand too much about the software stack , f**k documentation.

  • Type your comment> @killinem said:

    Hi anyone! I have a sh***l in the d****r con******er, found db c*******s, but no idea how to move forward:( Please, give me a little nudge to the right direction via PM:(

    Same boat here! Driving me nuts!

  • Finally rooted! Nice box.
    PM for nudges :)

  • edited July 2019
    *removed after reading previous comments and realising it could be a spoiler*
  • hehehe, rooted, was my first day seeing V****. Took me about 2 hours of documentation to finally hit the correct syntax.

    User: there are some misguiding stuff in this forum I believe. what is too close to your eyes might not be the way In. and for the code part, you really have to look around, past,present and future.
    for jailers, get In, get out, and get back in :)

    Root: is right there but you have to learn about what and where are the juicy stuff at and what can I do.

    & as usual my door is open for help :)

  • Got root. =D
    Amazing machine!

    Root: Look the all the code with the second user and read the site documentation about v***t this will give you root. =D

  • finally rooted ! it really was an amazing box, it felt really realist and i learned a lot of things! thanks to @adelmatrash and @felixgmathew for their help
  • I was able to validate a t***n, however, I've yet to find a way to use the **I maliciously. I would really appreciate a nudge via PM.

  • edited July 2019

    This was a really fun box, very fun and straightforward once you find what you're looking for.

    Shoot me a message if you need a nudge for root.

  • What a great box!
    It's mine 9th but the best I've seen yet

    Thanks to @Itri3d for history reference at the beginning! Feel myself stupid at this moment

    So user was good, interesting and very logical. I've stuck for a few hours to sleep and code wget handler finally (thought about that few last machines already) and root was fast and pretty easy, you just need some manuals and use all the information you've collected

    Many thanks to @rotarydrone for this puzzle

    Making my way from newbie to pro

  • guys , i am in the right place , yesterday i got shell from a*v rce and all thing was ok , today its give me 500 internal server error !! WTF is that ! i check my req many times

    any help !?


    User has been fun!

    Root.... To much Docs.. But basically you know what to do, just needs to learn it.

    If you need help PM me :)

    Hack The Box

  • funny box, it is not so common.

    PM me if you need some hint.

  • Rooted. PM me if you need a hint.

    OSCP | PMP

  • Rooted. User was fun. Although Root is a bit simple, I learned about v***t.
    Thank you @rotarydrone for this real machine. It deserve to become one of OSCP labs. Also thank you @odinshell for your nudge.

  • Very fun machine! Very realistic in every way. I think this might be my favorite :) Very good job @rotarydrone !

    Hack The Box

  • Definitely one of my favourite machines so far, this one really forces you to understand all the pieces of the web-app it is running in order to get user.

    Hints I think may be useful:

    User - if you're struggling to get a proper shell back, it's always a good idea to match the language you use for your shell, with the language that has the RCE ......

    Root - There is an application that should stand out by this point - some research about how it is used on this box, and you should get root.

  • When I want update or create in sw****r with the t***n generated I have an error.: invalid or not found. does anyone help me?

  • Think I have my rce spot but can't figure out how to get it to run/escape correctly. Any nudges?

Sign In to comment.