Registry

Finally Rooted. Thanks @0xdaff for the initial hint.

some one can pm me ? i need some help with this box :confused:

Edit.
Now i got the user flag …

.

@Rolesa Read the docks …

Spoiler Removed

So many simple basic things I got stuck on, but:
Last login: Mon Oct 21 09:53:48 2019
root@bolt:~# whoami
root
root@bolt:~#

Really liked this one.

Can someone help me out? I got the c***** file, but I am not managed to decode it? Or am I going the wrong way? Please PM me

Finally finished this one thanks for the great box @thek

Need help with this box.
Stuck at d*****.registry.htb and bt/bt/

PM Me anyone and hand me some hints pls.

Any idea why they changed quite a bit about this box’s mechanisms? I tried giving some ideas to someone the other day and it turned out they changed A LOT. I’m not talking about the unintended k***** exploit, that obviously had to be removed / fixed

Spoiler Removed

I am stuck at user. Can someone help me out, please?

fun box… liked all components of it… few cheeky things in there but definitely had to be creative to get all correct access… :slight_smile: thanks @thek

I’m stuck trying to get user, my attempts to log in always give:

Error response from daemon: Get https://d*****.r*****.h**/v2/: dial tcp: lookup d*****.r*****.h** on 8.8.8.8:53: no such host

Any pointers would be appreciated, I just haven’t been able to figure out what’s wrong, or what I’m missing.

I am struck on root part.
i got pawrd from b.d* file
I successfully logged into webpage.
But i can’t get anything .
Someone please help me.

Type your comment> @seethe said:

I’m stuck trying to get user, my attempts to log in always give:

Error response from daemon: Get https://d*****.r*****.h**/v2/: dial tcp: lookup d*****.r*****.h** on 8.8.8.8:53: no such host

Any pointers would be appreciated, I just haven’t been able to figure out what’s wrong, or what I’m missing.

Have you added it to vhosts?

Consult d****r + machine_name API documentation more.

I have got the user.txt flag as b*** user. I have found the creds and logged into the login panel.

I suppose I need to upload a rev shell, get w**-***a and then priv esc to root, right?

Edit: I’ve got wa user, is this the way? bt → w**a → root?

Nice one ! I really liked it and learned a lot.

Can someone help me for reverse shell ?maybe my code is wrong

Hint for those having problems with reverse shells/connections:
If the direction you’re going does not work, try going in the opposite direction.