PlayerTwo

@aleeamini problem resolved ? If you still have issues please dm.

Finally got user.
My first insane machine and I really enjoyed the RCE, it’s so realistic.
Now onto root.

Type your comment> @blink3r said:

Finally got user.
My first insane machine and I really enjoyed the RCE, it’s so realistic.
Now onto root.

say a hint for user. i have w***-d*** but i am looking for a way to o*****r

@aleeamini said:
Type your comment> @blink3r said:

(Quote)
say a hint for user. i have w-d but i am looking for a way to o*****r

I went to a hotel and really loved their xxxxxxx :wink:

Type your comment> @MrR3boot said:

@aleeamini said:
Type your comment> @blink3r said:

(Quote)
say a hint for user. i have w-d but i am looking for a way to o*****r

I went to a hotel and really loved their xxxxxxx :wink:

thank you :smiley: but i see a process that contain some commands that i found in Pr*****.b** file. s**y command. i am in true way??

Finally got past the 2FA. I have a file and am trying to figure out how I can get RCE. Is the upload page meant to be so unhelpful? whatever I upload I just get a white page after. no helpful error messages lol

Rooted! Wow! That was quite a challenge for me. Learned a lot about the heap though. Thanks to @verdienansein and @idomino for the recommended reading.

finally got the user. thank you. @AcroTiger and @MrR3boot . :). i learned a new exploit. thank

finally rooted… It was a insane machine… that was so fun.
thank you @MrR3boot.

If you need help, you can send a message. I will reply when I am available.

Hack The Box

Type your comment> @Dreadless said:

Can anyone help me with OTP I keep getting {“error”:“Invalid Session”} Please PM me if you can help :slight_smile:

How are sessions maintained and where might you get one in the flow you’re in?

I’m stuck at the next step, guessing there might be some clues in this mystery file people keep talking about. Found it once on a wild guess based on a clue but ignored it cuz it felt like cheating. Now I can’t enumerate it again. ?

figured out the session thing, but trying to enumerate secondary service. and also find the hinted file from the forum. found something on github with the same path as the service but it doesn’t seem to be implemented in the same way.
been cranking at it for a week, though, not giving up.

I need a nudge for the 2FA, managed to find the ***/T*** but stuck at m****** p********
PM’s are welcome

really enjoyed the process of getting root on this box, amazing feeling to get the exploit working after several intensive days. thanks to the creators!

Type your comment> @X3ntr said:

I need a nudge for the 2FA, managed to find the ***/T*** but stuck at m****** p********
PM’s are welcome

same… tried fuzzing didn’t work am i on the right track or do I need to find another way?
edit: ok got pass 2fA

Can anyone please help me get from www- to o****?

Edit: got it!

Type your comment> @f00l8r1t3 said:

Type your comment> @trollzorftw said:

Got all the creds but 2fa is walling me :confused:

It’s 1-2-3-4-5.

(edit: this is a reference to a movie gag, don’t mean to send anyone astray here)

That’s the same combination I have on my luggage!

Also, 2FA still got me baffled, clues aren’t helping. messing around with js, but i’m not seeing anything context-appropriate. Any hints? PM if i’m just being a dolt.

Working on the heap now. I think this is going to be the end of me, lol.

Type your comment> @farbs said:

Working on the heap now. I think this is going to be the end of me, lol.

Same spot, same feelings;)

Type your comment> @v01t4ic said:

Type your comment> @farbs said:

Working on the heap now. I think this is going to be the end of me, lol.

Same spot, same feelings;)

Same as you guys, this heap is making me crazy :stuck_out_tongue:

is getting internal error 500 on upload normal?