Postman

Rooted, I enjoyed this box. There are plenty of hints on here already. Also remember to check the box’s profile page via HTB to see what it consists of. The main point that pops out is it is heavily CVE related.

That said, you can PM me via discord for hints.

Thanks for the box. As a n00b, I appreciate the easier boxes, and I thought this one had some nice quirks to keep the obvious exploits from working. Also the password that doesn’t work where you think it does was a useful reminder to keep my options open.

What’s with the contents of root.txt ?!!!

Hi guys, is anyone able to run “config set dir …” in r**** ? i keep getting permission denied… not sure what im doing wrong here…

rooted, thanks to @donkeysnore for the nudges.

any tips for getting foothold?

Type your comment> @coolZero1473 said:

any tips for getting foothold?

  • Enumerate all ports!!
  • try to do it Manually, when you are trying!!

Any hints for root

получен root)))

Подсказка
user: ищите скрипт на r***s немножко подправите и получите шелл. и поищите файлик который вам поможет. его нужно расшифровать и просто потом пишем su от пользователе и вводим пароль и получаем user.txt
root: ищем эксплойт и запускаем msf и там просто вводим полученные все данные и вуаля root.

Хорошая коробка. Спасибо

Type your comment> @Yannis said:

For initial shell: How are you supposed to figure out that user r***s exists on the machine?

rxxxs-xxi -h host -x set test < etc passwd
rxxxs-xxi -h hosts getrange test 0 50000
you will get the contents of the file

Ok, I got user. I think the problem I had was I was trying to do the box while others were on the box at the same time. It’s really frustrating but I tried. Thanks to the people giving out clues on this forum. It really helped. I going to now read hints to root and try to root it.

Type your comment> @IoCyber said:

Any hints for root

Rooted my first box
I definitely learned a lot from this box.
Thanks to all people who posted clues.

Hey guys, just got user access, trying to use a m**** module on w***n but i’m getting a “cookie error” and “no session was created”. Am i on the right way ? I don’t mind some hints :s nvm, got it working. hint for this error: don’t forget ssl like i did…

ROOTED !

pm me for hints/nudges

Hi,
I think Ive got a different pass for the user from john… from previous replies I see others have it as c…8 but I got something totally different.
Any chance someone can point me in the right direction of where Ive gone wrong?

urrgh, spent longer than I wanted on user as Ive not had much experience with r***s… root was so much easier.

Hey Guys,

I am rooted!! But, with metasploit.

Is there any way to do it manually? I don’t want to use any Metasploit.
Cause, its not allowed in OSCP:(

Rooted! A big thanks to @ascannerdarkly @n1njaaa @Wh0aMn1c0 for the tips. Learned about r****. The root was fairly simple with the use of m********* and a CVE. Can anyone PM me how to do it manually?

Great box.

Type your comment> @clubby789 said:

5 minutes to go, everyone ready?
i have used every information gathering tools but i cant find anything intresting, i m new in hackthebox… if you can help me then pls do share your ideas

i have got a login page now what can i do to find the user

rooted, once I’d got a foothold and some interesting files, it was easier to get root first.