Bastion

Rooted. Thanks @L4mpje . Its nice box
User: Enumeration and mount
Root: Enumeration and research
Feel free to PM me for hints

I cracked the HASH from the S*M Database. Now i am stuck. please give me hint

Good box.

User: Mounting all the things is the way to go, once that’s done, just extracting and cracking files is enough and can be done without much system resources.

Root: This one had me stumped for a while. Turns out, I missed one of the flags in a script that I had found earlier that proved useful. This box CAN be rooted without a Windows VM.

Could anyone pm me how they cracked the passwords after extraction? i can’t get HC or Jonny to play ball

I am totally new here. Please I Need Help to solve box

Type your comment> @sebaileyus said:

Could anyone pm me how they cracked the passwords after extraction? i can’t get HC or Jonny to play ball

Buddy is very simple (I was stuck for a while) use the py script on this forum… don’t put jonny to play…

I just rooted! Thanks @L4mpje I learned a loooooottt.

need a nudge on SSh…Anybody

User’d and root’d,

tons of fun, not sure if you ever find this in the wild but a very interesting box!

Usered and rooted Bastion today. It was really interesting and fun box to hack, much easier after the “Heist” though. Thanks for the efforts @L4mpje!

Super noob here, but I’m still trying to gain access to this box. I’m connected to the vpn and trying to crack the ssh password with hydra but no luck. Am I on the right track or am I missing something?

Actually a nice box to work on. Nice attack path with a real world kind of feel to it. I have personally seen this kind of scenario in the wild.

Thanks @L4mpje for making the box it will definitely help people learn some cool stuff and expand their skills.

I got user.txt and root.txt
It’s very instructive machine

This is my very first box and I’m stuck. Ive gotten the user flag, and have been trying to get root for hours now. The exploit I thought was going to work isnt giving me anything back. Anyone want to shoot me a dm or anything to get me into the right direction.

Hi, this is one of my first box and I learnt so much thanks to @L4mpje! Now I got User and I’ve been working on root for a while and I’ve enumerated and found the right exploit to use I think and found a ruby script but I cannot get it to work the way I want to. Could someone give me a little help?
Thank you!

Can someone pm me, i got the vhd and mounted, hashes don’t seem to work

Can someone PM me about what I do after JTR has cracked the hashes?

Edit: Use HashKiller and it will solve your problem. Got user onto root

Edit2: Got root PM if you need help

ok i have user but i’m really stuck on the root i’m almost sure what the app is but i don’t find any exploit

YEEEEAH i got root thanks every one for the tips. And thank you @L4mpje for my first box on the site, was 2 days of pure fun.

Root taken! it was not difficult, because I met such a situation in reality! thanks for the box @L4mpje!