Registry

Done Man that Re**** was toughā€¦

Puh I got root. Thx to @3l0nMu5k for his help! I learned a lot. Never heard about this software before.

Got user finally, went down a rabbit whole with the D***** r******* v2 ap*. Finally figured out the commands to do it correctly, then its all enumeration. Onto root.

Rooted. User is very easy. Root also is not very hard but nice!

Got user, struggling with root.
Got Admin password but i am unable to upload shell. tried known exploit method :confused: any hint?

This a brilliant box, but for not apparent reason I got stuck and quite a few rabbit holes. A few nudges from @noob2sec and @ekka got me going, so thank you both for it! :slight_smile:

Overall, my recommendations make sure you cover the basics of your enumeration. For root, donā€™t try to reinvent the wheel and make sure you know what privileges you have.

Really great box so far, learned a lot about d****

Anyone for a nudge on root ? stuck on making r**** work with r***-s****

Hi. Iā€™d like some help getting to user #2 if anyone is willing to DM. Thanks ?

I managed to get user on this one, so far itā€™s an awesome box! thank you @thek ! onto root!

I am trying to go from user1 to user2 but I cant get creds for webapp. Could anyone help me?
edit: nvm im idiot

I cannot upload files in the cms, i get a 404 when renaming or creating files, can someone please help?

Just managed to get root! Thank you to @rholas for being my rubber duck! and also thank you @thek once again for an awesome challenge!

Got Webshell but canā€™t upgrade it to reverse shell, any nudge?

Someone please help with the webshell for second user, canā€™t make anything run and canā€™t change extension.

Ohhhh this box! Although fantastic, Iā€™m stuck at the final part - so closeā€¦ Got a shell as that last w**-**** user, found some r***** command I can run privileged. Can use that service on any file I want, but canā€™t read it or use it at all. Someone DM for a nudge? Felt like Iā€™ve read the whole manual and GitHub pages for r***** atm :stuck_out_tongue:

Another interesting @thek machine.

At first the escalation was similar to the privesc of OneTwoSeven machine but it is much simpler, the key is to know how to use the client and the server of that technology in the machine.

P.S: I never got a shell with the second user, I donā€™t know if itā€™s possible but all the commands can be done from a simple WebShell (in another location).

gaining root on this machine reminded of me a very recent project I was working on. Cool way to route the traffic.

ā– ā– ā– ā– , that was a difficult box. My first hard one, and itā€™s not even supposed to be that hard for HTB standard. Definitely a bit more than I could chew. So glad I didnā€™t give up. I gotta pay it forward though; dm if you are stuck.

Oke, got it! Finally rooted this box. Took me more hours than most but learned a lot.

hello, I need a hint for escalation to 2nd user