Traceback

Spoiler Removed

guys plzz tell me how to solve the error of .lau file… i am stuck there for a long time… plzz do reply

Rooted!
Fun box, but a little weird in the beginning when you have to guess the right backdoor.
User: after getting the first shell, no need to write your own script - GTFO will help you
Root: as it was mentioned several times, pspy…but be careful. it is not CP you really need. Again, no need to write your own script - pentestmonkey is the best solution.

Awesome box! Really good to repeat all the basics you have learned through previous boxes.

finally rooted !!!
amazing box thank you Xh4H
amazing help from the guys also thank youu

foothold : work with what you have and use google
user : you can do more than you think
root : don’t forget to give your self your apartment key and be quick

Ping me for help

It would be nice if people would stop putting stuff in the user’s home folder.
Please use /tmp or /dev/shm people!

finally rooted, easy but funny and informative box
root part is the funniest part :smiley:

pm me for any hint :slight_smile:

thank for this machine

I’m at the beginning of hackthebox, and I don’t know much about OSINT, could you give me a tip?

Rooted! That was fun. PM me for hints! :slight_smile: Shout out to @Xh4H for a beginner-friendly box! This is my second active machine. Thanks for everyone who helped me along the way!

Type your comment> @Oliba said:

I’m at the beginning of hackthebox, and I don’t know much about OSINT, could you give me a tip?

The info you need for the foothold is on the page. Perhaps check more that what is immediately visible.
Basic OSINT starts with some Google’ing.

ouch someone just overwritten the initial foothold…

Some funky stuff is happening, I think the main file you need has been removed too. In the mean time for an absolute noob like me after accessing the webshell can I get a hint on how I can actually ssh into w******n?

Type your comment> @Oliba said:

I’m at the beginning of hackthebox, and I don’t know much about OSINT, could you give me a tip?

search for the author on google . you will find something intresting

Type your comment> @FlatMarsSociet said:

Type your comment> @Oliba said:

I’m at the beginning of hackthebox, and I don’t know much about OSINT, could you give me a tip?

The info you need for the foothold is on the page. Perhaps check more that what is immediately visible.
Basic OSINT starts with some Google’ing.

Are you talking about w** s**** hint?? How do you access it without uploading??

@alalno said:

Are you talking about w** s**** hint?? How do you access it without uploading??

You don’t need to upload any web shell. The “evil hacker” who defaced the website already left one for you on the server. You just need to find it via basic OSINT/Google-fu :wink:

Is Box Broken?

@TheUndergrad said:
Is Box Broken?

Just tried. The initial foothold and also user are working fine. Couldn’t test root, since the box just got reset.

@TheUndergrad said:

Is Box Broken?

Lots of people dont understand what they are seeing and reset the box because they dont get the response they expect. This means that for about 20% of the time the box is probably rebooting.

can someone plzz give me nudge on root…

Hey all! Just finished rooting this box, thanks Xh4H for the fun machine!

My hints:
User: Not every webpage is as it appears… try inspecting further into the message left by the creator. Finally, google away! List out your ideas if it helps.
Root: Basic unix enumeration tools should help you here. Pspy is great and will help to know when your target is run so you can trigger it yourself.

Feel free to message me for any hints or nudges!