Nest

Any Help on how to browse through the telenet session? I used D***G with the password i found from the empty file bubt when i issue a command i got the following message:
Invalid database configuration found. Please contact your system administrator

Any nudge please?

@FDS said:

Any Help on how to browse through the telenet session? I used D***G with the password i found from the empty file bubt when i issue a command i got the following message:
Invalid database configuration found. Please contact your system administrator

Any nudge please?

Use a different command. Try help to see the list of commands available to you.

Rooted. I found this box very straightforward with enough enumeration.

Got a little tripped up at the end after getting the D*G password. The next step requires looking within and “going back to the source”.

In response to the final flag: it was my pleasure :slight_smile: Thanks for the fun box

Rooted. Fun box! Can be solved without the need of shells.

Feel free to message for hints/nudges.

Type your comment

I got User and Root on the box. It was a fun box. I had to use windows for decoding. I tried to bake a code for the passwords but that unfortunately failed. Can someone point me in the right direction to do this with chef?

Ok, I need help with the reversing of the exe file. I’ve used strings and IDA (not PRO) but I can’t see any helpful information… any hint?

@Lu5i4 said:

Ok, I need help with the reversing of the exe file. I’ve used strings and IDA (not PRO) but I can’t see any helpful information… any hint?

I am stuck with the creds of c.***** user. I couldn’t find the program used for encrypting the password. Any hint ?

@plusX said:

I am stuck with the creds of c.***** user. I couldn’t find the program used for encrypting the password. Any hint ?

Type your comment

Type your comment> @TazWake said:

@Lu5i4 said:

Ok, I need help with the reversing of the exe file. I’ve used strings and IDA (not PRO) but I can’t see any helpful information… any hint?

Nest - #446 by n00py - Machines - Hack The Box :: Forums

Ohhh cool! I got it, thank you so much!!! :slight_smile:

struggling abit with nest, enumeration isnt playing ball…

Rooted all on kali.
TBH, i really do not get the reason why this box is rated easy.

Got User, had some trouble to get the ADS with Linux. It seems that the password i found is wrong for D***G, may I missed something ?

@DonDon69 said:

Got User, had some trouble to get the ADS with Linux. It seems that the password i found is wrong for D***G, may I missed something ?

Possibly - Is the first and last character the same letter, just different case?

May I please get a hint for the first user? To be exact the D***G password.

@RandomPerson00 said:

May I please get a hint for the first user? To be exact the D***G password.

You are asking for two different things.

If you want the first user, you need to find the hash and crack it - lots of tips on that in the previous pages.

Once you’ve got the first user, enumeration will get you the D***G password.

@TazWake
Can you please give me a specific hint? I have no Idea as to what I should do.

@RandomPerson00 said:

Can you please give me a specific hint? I have no Idea as to what I should do.

Ok, but as I have no idea of what you have done or where you are on the box, I have no way of knowing if it is useful or not.

  1. Use nmap to scan the box, find every open port.
  2. Pick one of them and find the tools you have available in kali to access it and gather as much information as you can.
  3. Take the information you’ve found and use one bit of it to “crack” the password hash you will have found because you’ve looked at everything you can look at.
  4. Use the account you now have access to and gather all the data you can access, this should include the user flag.
  5. use the password you’ve been given on the port you ignored and find more loot.
  6. analyse the binary you’ve found and work out what you have to change to crack the new loot.
  7. use your new credentials to access a thing you couldn’t really access before and read root flag.

While I’ve tried my best, there is a chance this will be removed as a spoiler soon.