Bankrobber

Spoiler Removed

Could anyone give a hint with initial foothold? I did some enumeration, have an idea of what is happening, but don’t know how to exploit it

  • Very good machine, thank you to the creator of the box for his work. :slight_smile:

There is something broken around the service. After few requests it stopped talk to me, I waste 2 days on trying to do one simple thing. So finally I moved from VIP to free servers and it works pretty well there. I got what I need in no time. So if you are on VIP and you are stuck, maybe you should consider jumping into free servers for this one.

Type your comment> @tmogg said:

There is something broken around the service. After few requests it stopped talk to me, I waste 2 days on trying to do one simple thing. So finally I moved from VIP to free servers and it works pretty well there. I got what I need in no time. So if you are on VIP and you are stuck, maybe you should consider jumping into free servers for this one.

I’m on free and i don’t approve this advice xD

Type your comment> @DaChef said:

Type your comment> @tmogg said:

There is something broken around the service. After few requests it stopped talk to me, I waste 2 days on trying to do one simple thing. So finally I moved from VIP to free servers and it works pretty well there. I got what I need in no time. So if you are on VIP and you are stuck, maybe you should consider jumping into free servers for this one.

I’m on free and i don’t approve this advice xD

You have no choice if it doesn’t work at all.

rooted , this box is really good , thanks for the box creators

I’m stuck at the bdchecker, I can run it (or better have somebody to run it for me) and read its output but I can’t execute any other command but the one it explicitly says I can run, and I don’t know if there’s a way to exploit this single command or retrieve something useful with it…

I tried several command concatenation, I tried to look for a way to make it produce some arbitrary text and save it on disk… I’m running out of ideas. Any hint will be greatly appreciated. :slight_smile:

just rooted! message me for help

Very long final step … slow ****

Hi guys,

Just a quick update:

I am keeping an eye on this thread to know what’s up with the box. I’ve read that a lot of people are experiencing that the privesc part is unstable. After a couple of checks I did locally I can confirm that that’s the case. This is something we did test thoroughly though, but after the testing procedure we made a small mistake which resulted in the privesc part being unstable. I’ve messaged a moderator on HTB and we’re working on a fix.

Sadly I’m not able to remove the experience from people who already rooted the machine, but to all of you who did own the box pre-patched; consider yourself a go-getter :slight_smile:

Thanks for your feedback.

Do you guys think that this box is bugged? Nothing comes back, even after restarting the box. Someone from here confirmed my script.
I’m on 10.10.14 .

Edit: tried on the Free server too.

Can someone that completed this box, retry it and confirm that it works? I spent a crazy amount of time on what seems to be a bug…

Edit: It works! :slight_smile: …typo…

This final part… its a different version but I have no idea what it actually is… lol

Spoiler Removed

I have same problem , I try with another tools to make my shell (I use nc actually)

Spoiler Removed

fun box, initial part was way more complex then they privesc, but that didnt make it less fun though :slight_smile:

Thanks for a wonderfull few days !

Fun indeed! Rooted. Thanks for all the learning opportunities. Thanks for the hints folks.

I am onto root, I can see the odd process, but i can’t execute it, download it or dump it. Is there some other way to interact with it, that i’m missing?

Edit: Found what to do with it (thanks to @keyos1 ), but i can’t forward anything to me, as some have suggested in the post. Any nudges?

rooted! did not enjoy it as other Windows boxes! message me if you need help