Nest

1151618202137

Comments

  • Good box.

    Thanks @VbScrub - Really enjoyed this one. I had to dig out old skills from years gone by. Took me back some!

    I did it mostly with Linux. I also used a windows virtualbox for some reverse engineering and looking deeper into the river.

    This one covers a good few skills indeed, but there is one part that I thought was very ctf and you won't know it unless you already came across it before. I got stuck on it for a while until a friendly hint reminded me of the trick.

    pm for help.

    Going Full Caveman during isolation. No shaving any hair for the duration.

    https://discordapp.com/invite/65mBnYk

  • ROOTED!!! Thanks a lot to @TazWake and @FastDuck for the help.

  • Rooted box.
    I enjoyed this box because it is the second Windows box for me, i can develop skill using basic tools.

    What i want to say like hint if you are stuck in some point and you dont know where move on, check where you was, check your files in detail ;)

    If you are blocked feel free to ask nudge (:

  • Type your comment> @TheBigfoot said:

    Hi all, can someone DM with some advice please? i've got things from a project and used them to make something in VB, I've tried to add an output but it runs and displays nothing.
    I've not used VB before so struggling to understand how to get it to write out properly. Thanks in advance :)

    EDIT I think i've got a password... P*******S is this right or am i way off?

    to display something:

    console.Writeln(yourvariablehere)

    However, if you run VisualStudio, you'd better use debugger at check the local variables window to check values.

    I guess is what you are actually asking, isn't it?

    Hack The Box
    Always happy to help you. If I help you, don't forget to give me respect on my profile. Click on my badge for this.

  • I like the puzzle-solving mentality needed to get a hold of the machine. It was beautifully crafted from initial foothold -> User -> Root. I found one tool which bodes well for user and root. Windows VM helps you out so it is good practice to save time and utilize the best of all OS'es. PM for nudges.

    3zCulprit

  • Spoiler Removed

  • Type your comment> @Darvidor said:

    Type your comment> @TheBigfoot said:

    Hi all, can someone DM with some advice please? i've got things from a project and used them to make something in VB, I've tried to add an output but it runs and displays nothing.
    I've not used VB before so struggling to understand how to get it to write out properly. Thanks in advance :)

    EDIT I think i've got a password... P*******S is this right or am i way off?

    to display something:

    console.Writeln(yourvariablehere)

    However, if you run VisualStudio, you'd better use debugger at check the local variables window to check values.

    I guess is what you are actually asking, isn't it?

    Ah I had to google your suggestion but the local variables windows is soo much easier (once its open)

    I've now got a passphrase and password - thanks for the help!

  • Ooook, got user, now going for root!!

  • System.Security.Cryptography.CryptographicException: 'Padding is invalid and cannot be removed.'

    anyone know how to get past this?

    Hack The Box

  • Type your comment> @th3g3ntleman said:

    Got the TempUser and password but can see all the users in the Users disk. Getting permission denied while trying to access the folders. Can anyone give me a hint on where to go from here ?

    Maybe there is more than just the Users folders to find. Keep digging in all available shares.

  • @walk said:

    System.Security.Cryptography.CryptographicException: 'Padding is invalid and cannot be removed.'

    anyone know how to get past this?

    Start here and work backwards: https://forum.hackthebox.eu/discussion/comment/59722/#Comment_59722

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • Anyone on that can give some help about the “empty” file

  • @menorevs said:

    Anyone on that can give some help about the “empty” file

    https://forum.hackthebox.eu/discussion/comment/59680/#Comment_59680

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • Any Help on how to browse through the telenet session? I used D***G with the password i found from the empty file bubt when i issue a command i got the following message:
    Invalid database configuration found. Please contact your system administrator

    Any nudge please?

  • @FDS said:

    Any Help on how to browse through the telenet session? I used D***G with the password i found from the empty file bubt when i issue a command i got the following message:
    Invalid database configuration found. Please contact your system administrator

    Any nudge please?

    Use a different command. Try help to see the list of commands available to you.

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • Rooted. I found this box very straightforward with enough enumeration.

    Got a little tripped up at the end after getting the D*G password. The next step requires looking within and "going back to the source".

    In response to the final flag: it was my pleasure :) Thanks for the fun box

  • Rooted. Fun box! Can be solved without the need of shells.

    Feel free to message for hints/nudges.

  • Type your comment

    Hack The Box
    Always happy to help you. If I help you, don't forget to give me respect on my profile. Click on my badge for this.

  • I got User and Root on the box. It was a fun box. I had to use windows for decoding. I tried to bake a code for the passwords but that unfortunately failed. Can someone point me in the right direction to do this with chef?

  • Ok, I need help with the reversing of the exe file. I've used strings and IDA (not PRO) but I can't see any helpful information... any hint?

  • @Lu5i4 said:

    Ok, I need help with the reversing of the exe file. I've used strings and IDA (not PRO) but I can't see any helpful information... any hint?

    https://forum.hackthebox.eu/discussion/comment/59498/#Comment_59498

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • edited February 3

    I am stuck with the creds of c.***** user. I couldn't find the program used for encrypting the password. Any hint ?

  • @plusX said:

    I am stuck with the creds of c.***** user. I couldn't find the program used for encrypting the password. Any hint ?

    https://forum.hackthebox.eu/discussion/comment/59536/#Comment_59536

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • Type your comment

  • Type your comment> @TazWake said:

    @Lu5i4 said:

    Ok, I need help with the reversing of the exe file. I've used strings and IDA (not PRO) but I can't see any helpful information... any hint?

    https://forum.hackthebox.eu/discussion/comment/59498/#Comment_59498

    Ohhh cool! I got it, thank you so much!!! :)

  • struggling abit with nest, enumeration isnt playing ball..

  • Rooted all on kali.
    TBH, i really do not get the reason why this box is rated easy.

    echo start dumb.bat > dumb.bat && dumb.bat
    doh!

  • Got User, had some trouble to get the ADS with Linux. It seems that the password i found is wrong for D***G, may I missed something ?

  • @DonDon69 said:

    Got User, had some trouble to get the ADS with Linux. It seems that the password i found is wrong for D***G, may I missed something ?

    Possibly - Is the first and last character the same letter, just different case?

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • Type your comment> @TazWake said:

    @DonDon69 said:

    Got User, had some trouble to get the ADS with Linux. It seems that the password i found is wrong for D***G, may I missed something ?

    Possibly - Is the first and last character the same letter, just different case?

    Thanks guys, got it now with the help of you all! You're amazing and thanks to the creator. Didn't know this "way" exists with Windows / Samba.

    Hack The Box
    Anger is more useful than despair - T800

Sign In to comment.