PlayerTwo

1235789

Comments

  • Type your comment> @spoppi said:

    Type your comment> @aleeamini said:

    Hi guys. the upload page seems doesn't work. i can't upload frimware file. verify.php seems has a problem.
    @MrR3boot @b14ckh34rt

    Had the same issue yesterday, a reset fixed it.

    i can't reset anymore

  • i can't reset anymore

    reset requested ;)

  • Type your comment> @spoppi said:

    i can't reset anymore

    reset requested ;)

    thank you ;)

  • Type your comment> @spoppi said:

    i can't reset anymore

    reset requested ;)

    i get internal error 500. :(

  • hmm, tested and get the same. another reset requested. If that doesn't solve it you might contact the admins via HTB forum or support site.

  • Type your comment> @spoppi said:

    hmm, tested and get the same. another reset requested. If that doesn't solve it you might contact the admins via HTB forum or support site.

    thank you. doesn't change. i sent a message for Mrr3boot.

  • @aleeamini problem resolved ? If you still have issues please dm.

    MrR3boot
    Learn | Hack | Have Fun

  • Finally got user.
    My first insane machine and I really enjoyed the RCE, it's so realistic.
    Now onto root.

    image
    Click here for HTB Profile: You are welcome to contact me for a nudge, but if I help you, please consider giving respect.

  • Type your comment> @blink3r said:

    Finally got user.
    My first insane machine and I really enjoyed the RCE, it's so realistic.
    Now onto root.

    say a hint for user. i have w-d but i am looking for a way to o*****r

  • > @aleeamini said:
    > Type your comment> @blink3r said:
    >
    > (Quote)
    > say a hint for user. i have w-d but i am looking for a way to o*****r

    I went to a hotel and really loved their xxxxxxx ;)

    MrR3boot
    Learn | Hack | Have Fun

  • Type your comment> @MrR3boot said:

    @aleeamini said:
    Type your comment> @blink3r said:

    (Quote)
    say a hint for user. i have w-d but i am looking for a way to o*****r

    I went to a hotel and really loved their xxxxxxx ;)

    thank you :D but i see a process that contain some commands that i found in Pr*****.b** file. s**y command. i am in true way??

  • Finally got past the 2FA. I have a file and am trying to figure out how I can get RCE. Is the upload page meant to be so unhelpful? whatever I upload I just get a white page after. no helpful error messages lol

    Hack The Box

  • Rooted! Wow! That was quite a challenge for me. Learned a lot about the heap though. Thanks to @verdienansein and @idomino for the recommended reading.

    OSCP, SSCP
    seekorswim

  • finally got the user. thank you. @AcroTiger and @MrR3boot . :). i learned a new exploit. thank

  • edited December 2019

    finally rooted... It was a insane machine... that was so fun.
    thank you @MrR3boot.

    If you need help, you can send a message. I will reply when I am available.

    Hack The Box

    Hack The Box

  • Type your comment> @Dreadless said:

    Can anyone help me with OTP I keep getting {"error":"Invalid Session"} Please PM me if you can help :)

    How are sessions maintained and where might you get one in the flow you're in?

    I'm stuck at the next step, guessing there might be some clues in this mystery file people keep talking about. Found it once on a wild guess based on a clue but ignored it cuz it felt like cheating. Now I can't enumerate it again. 😂

  • figured out the session thing, but trying to enumerate secondary service. and also find the hinted file from the forum. found something on github with the same path as the service but it doesn't seem to be implemented in the same way.
    been cranking at it for a week, though, not giving up.

  • edited January 5

    I need a nudge for the 2FA, managed to find the ***/T*** but stuck at m****** p********
    PM's are welcome

    cerbersec.com

  • really enjoyed the process of getting root on this box, amazing feeling to get the exploit working after several intensive days. thanks to the creators!

  • edited January 7

    Type your comment> @X3ntr said:

    I need a nudge for the 2FA, managed to find the ***/T*** but stuck at m****** p********
    PM's are welcome

    same.. tried fuzzing didn't work am i on the right track or do I need to find another way?
    edit: ok got pass 2fA

  • edited January 7

    Can anyone please help me get from www- to o****?

    Edit: got it!

    Hack The Box

  • Type your comment> @f00l8r1t3 said:

    Type your comment> @trollzorftw said:

    Got all the creds but 2fa is walling me :/

    It's 1-2-3-4-5.

    (edit: this is a reference to a movie gag, don't mean to send anyone astray here)

    That's the same combination I have on my luggage!

    Also, 2FA still got me baffled, clues aren't helping. messing around with js, but i'm not seeing anything context-appropriate. Any hints? PM if i'm just being a dolt.

  • Working on the heap now. I think this is going to be the end of me, lol.


    Hack The Box
    defarbs.com | Retired Machine Writeups! - "Let me just quote the late, great Colonel Sanders, who said, 'I'm too drunk... to taste this chicken.'”

  • Type your comment> @farbs said:

    Working on the heap now. I think this is going to be the end of me, lol.

    Same spot, same feelings;)

  • Type your comment> @v01t4ic said:

    Type your comment> @farbs said:

    Working on the heap now. I think this is going to be the end of me, lol.

    Same spot, same feelings;)

    Same as you guys, this heap is making me crazy :P

    image
    Click here for HTB Profile: You are welcome to contact me for a nudge, but if I help you, please consider giving respect.

  • is getting internal error 500 on upload normal?

  • Type your comment> @babywyrm said:

    Type your comment> @limbernie said:

    Very reminiscent of the good old days where you have to hex-edit games for whatever reasons :D

    You mean like with Zork, right?

    rip

    NeverForget

    BecauseReasons

    pretty sure you don't need to patch zork for any reason

     / __| | | | '_ ` _ \ 
    | (__| |_| | | | | | |
     \___|\__,_|_| |_| |_|
    

    Hack The Box

  • Type your comment> @r0xas said:

    is getting internal error 500 on upload normal?

    don't use gzip. just use tar without gzip.

  • @MrR3boot, i think i know the name of this game we're playing here.. is it "@#$%ing chunk tetris"?! =)
  • Type your comment> @soozan said:

    Type your comment> @r0xas said:

    is getting internal error 500 on upload normal?

    don't use gzip. just use tar without gzip.

    Is it a matter of traversing or rather linking if I may ask?

    m4rc1n

Sign In to comment.