Mango

I add codepen.io to hosts file and an…php start working

but maybe just a rabbit hole

Could that one guy please stop dos-ing the server? Thanks.

I’ve enumerated it in any way I could think of with dirs, files, ipv6, several payloads for the search field, look for vulnerabilities in all the files/folders I could think of…
And I’m at the same point than a couple hours ago when I started, so if anybody would like to throw some hints you are very welcome.

I dont think olap.flexmonster.com are funny to use /ana…php and connect to there elasticsearch server more and more

??
Loading members…name: 300000 of 474710 loaded

And hack the box server is fighting with tons of data maybe rabbit data

I hope this is a rabbit hole I can create a query that run more days, kill htb server and flexmonster elasticsearch engine

Are we supposedd to go to c**.f*********r.com linked from the an…php page or is it just a rabbit hole?

f*******r.com working in ana…php when connect to remote elasticsearch

Spent a lot of time by analyzing unnecessary stuff.
But like in real pentest you do not know in advance where is vulnerability hidden.

The same for root )

I think I found a user i*******y. Rabbit hole?

I’d suggest to at least hide somehow the external links on the box from hackthebox people. They could lead to misunderstandings and unintentional scans by mistake.

Found the login form and got the tables working, not seeing where to go next.

I am in the same spot after few hours of enum and recon…

I starting a very long query on elastic server, maybe need to ddos https://olap.flexmonster.com:9200 .

fm-entities has more than 470 000 entries

@rholas said:

I starting a very long query on elastic server, maybe need to ddos https://olap.flexmonster.com:9200 .

fm-entities has more than 470 000 entries

You definitely should not be DDoS’ing any boxes, especially ones outside of the HTB network.

Rooted
Big thanks to @v1p3r0u5 for help and also to @MrR3boot for great box. Learned a lot
@rholas I think a*******s.**p is not right path.

Type your comment> @clubby789 said:

@rholas said:

I starting a very long query on elastic server, maybe need to ddos https://olap.flexmonster.com:9200 .

fm-entities has more than 470 000 entries

You definitely should not be DDoS’ing any boxes, especially ones outside of the HTB network.

This is a hack the box server not outside, but currently near crash state

@rholas said:

Type your comment> @clubby789 said:

@rholas said:

I starting a very long query on elastic server, maybe need to ddos https://olap.flexmonster.com:9200 .

fm-entities has more than 470 000 entries

You definitely should not be DDoS’ing any boxes, especially ones outside of the HTB network.

This is a hack the box server not outside, but currently near crash state

Why do you think that? The rules explicity say not to hack anything outside of 10.10.10.0/24

Everything should be self-contained on the machine.

@rholas Sorry man, but @clubby789 is right, it’s definitely out of scope. Anyways, it’s ALWAYS prudent to check first. Don’t think DOS will accomplish anything here. But just in case could you confirm the scope on this @mRr3b00t ?

Type your comment> @HumanFlyBzzzz said:

@rholas Sorry man, but @clubby789 is right, it’s definitely out of scope. Anyways, it’s ALWAYS prudent to check first. Don’t think DOS will accomplish anything here. But just in case could you confirm the scope on this @mRr3b00t ?

This is run on 10.10.10.162 not outside

and skullkiddo sad to ddosing (4. comment)

@rholas said:

Type your comment> @HumanFlyBzzzz said:

@rholas Sorry man, but @clubby789 is right, it’s definitely out of scope. Anyways, it’s ALWAYS prudent to check first. Don’t think DOS will accomplish anything here. But just in case could you confirm the scope on this @mRr3b00t ?

This is run on 10.10.10.162 not outside

That’s the IP of the box. The IP of olap.flexmonster.com is 52.5.238.221, as seen by pinging it.