Mango

First blood gone…

Anyone at the v****/c******* structure?

already ordered mangos from whole foods twice.
both deliveries are overdue tho.
sad.

https: /a…tics.p.p

Happy diwali hackthebox

&login=login a little strange maybe h.dra… or pata …

Found an empty looking useless web server, one with the aforementioned “search engine like” stuff (along with an***cs.p) which yet again doesn’t seem very useful but it led to a third web serv that seems closest connection to the box’s name and has a login.
Gobuster found absolutely nothing on any, neither did manual enum. Any nudges / ideas maybe? Thanks

I add codepen.io to hosts file and an…php start working

but maybe just a rabbit hole

Could that one guy please stop dos-ing the server? Thanks.

I’ve enumerated it in any way I could think of with dirs, files, ipv6, several payloads for the search field, look for vulnerabilities in all the files/folders I could think of…
And I’m at the same point than a couple hours ago when I started, so if anybody would like to throw some hints you are very welcome.

I dont think olap.flexmonster.com are funny to use /ana…php and connect to there elasticsearch server more and more

??
Loading members…name: 300000 of 474710 loaded

And hack the box server is fighting with tons of data maybe rabbit data

I hope this is a rabbit hole I can create a query that run more days, kill htb server and flexmonster elasticsearch engine

Are we supposedd to go to c**.f*********r.com linked from the an…php page or is it just a rabbit hole?

f*******r.com working in ana…php when connect to remote elasticsearch

Spent a lot of time by analyzing unnecessary stuff.
But like in real pentest you do not know in advance where is vulnerability hidden.

The same for root )

I think I found a user i*******y. Rabbit hole?

I’d suggest to at least hide somehow the external links on the box from hackthebox people. They could lead to misunderstandings and unintentional scans by mistake.

Found the login form and got the tables working, not seeing where to go next.

I am in the same spot after few hours of enum and recon…

I starting a very long query on elastic server, maybe need to ddos https://olap.flexmonster.com:9200 .

fm-entities has more than 470 000 entries

@rholas said:

I starting a very long query on elastic server, maybe need to ddos https://olap.flexmonster.com:9200 .

fm-entities has more than 470 000 entries

You definitely should not be DDoS’ing any boxes, especially ones outside of the HTB network.