Registry

Are the files I upload suppose to disappear? Can’t find a way around it :neutral:
Any nudges?

Type your comment> @gu4r15m0 said:

Are the files I upload suppose to disappear? Can’t find a way around it :neutral:
Any nudges?

Yea, gotta be fast.

Finally rooted. Thx for this cool box!

Solved my problem. Got user. On to root.

Does any1 have some FAIR documentation how the f* the r***** works? I cannot set up my server :S

Stuck on a login page for the c*s. :confused:

Done!

Welcome to Ubuntu 18.04.3 LTS (GNU/Linux 4.15.0-65-generic x86_64)

  System information as of Tue Mar 10 05:37:54 UTC 2020

  System load:  0.0               Users logged in:                1
  Usage of /:   5.6% of 61.80GB   IP address for eth0:            10.10.10.159
  Memory usage: 23%               IP address for br-1bad9bd75d17: 172.18.0.1
  Swap usage:   0%                IP address for d----0:         172.17.0.1
  Processes:    159
Last login: Tue Mar 10 05:37:27 2020 from 10.10.14.36
root@bolt:~# sha256sum root.txt
029b18b4c0e2194ef4be039b9e362d32522a5b8ab5141af4487293e338d763fe  root.txt
root@bolt:~#

Great box, love it! Thank @deluqs 's help

I am stuck with the first user. I was able to s** in as b***. I found the login page but I can’t find login info. I tried a few basic username/password combos. Am I supposed to find it from /v**/w**? I found a few things but I am stuck.

Any help?

Any hints on finding creds for the login page?

Type your comment> @nando740 said:

Any hints on finding creds for the login page?

Explore the web server directory where you would find files associated with the web app. There will be a file of interest. :slight_smile:

Type your comment> @nando740 said:

Any hints on finding creds for the login page?

Think about where do webapps usually store creds, and look for that between the folders you can read.

Thanks. Had already thoroughly explored those dirs, but did not think about explore that file in so raw way. Had tried its utility (not present in the system).

Can concentrate on the vector now. A lot of RTFM of that r****c thing ahead. :frowning:

And rooted :blush:

Pulled hair on finding creds to the app (respects given to the helpers), but after that, the service manual solved the rest.

Type your comment> @grav3m1ndbyte said:

Not like this box is hard or easy or whatever, but most of the things I’ve found through the initial foothold has led me nowhere or to what looks to be a deadend, and…I’m confused to be quite honest. Can someone help out? If so, PM me.

Rooted! Got stuck a couple of times because I was overthinking it and in one instance I did not think outside the box when trying to approach some things. The box is not as hard as it first might look like.

If you have never used the technologies present on this box, be prepared to spend several days reading documentation, trying some things, failing miserably, and trying something else. However, this is the point. If you do not spend the time to understand how things work, then all you have is a little trophy in your HTB trophy case. Maybe that is enough for some.

I know that some have mentioned you can do everything you need locally on the machine but I was not that lucky. I needed to host a server on the last step, which worked like a champ (again after reading documentation, trying some things, failing miserably, and trying something else). If you have the root directory, you have the root shell.

Happy to help anyone who needs a nudge. Send me a DM. Let me know where you are stuck and not just “I tried a bunch of stuff and nothing worked”.

Well that was a challenge and then some. Thanks to all who have left cryptic hints on here, even though I found them as frustrating as the box itself at times. Lots of stuff learnt in the process of getting this box and probably the most satisfying root prompt I’ve ever got.

Hi all,
I am currently on user b***. Can’t seem to find a way to get my reverse shell to work as it keeps timing out. Looks like outbound connections are blocked or something. Can someone give me a tip on how to work around this? What am I missing/do I need another approach?

update: figured it out

Stuck at the foothold from much time, the d****.r****y.h not showing any kind of results.
If anyone could give a direction it’ll be appreciated

Great box @thek !! Very hard root for me!

Rooted
PM for help :slight_smile: