Nest

@BissoRM said:

Hi

So, I already get the DMP***.txt file and reversed the .exe. I’m trying to read the hidden content of the file changing the data s****m but don’t worked. I’m getting the wrong way here or i just missing something?

First Time commenting, Thx for the help in advance.

If you google the tool and the way the data is stored, there is an article on SuperUser.com which answers this for you.

Thanks for the Box. 2-9- Bytes later. Who needs Windows ha!

I managed to get the content of the important file for root. But I dont understand why my Method worked. If someone can PM me I would appreciate it a lot! :slight_smile:

Type your comment> @HackingFish said:

I managed to get the content of the important file for root. But I dont understand why my Method worked. If someone can PM me I would appreciate it a lot! :slight_smile:

And I dont know what to do with the .exe. Help plz

SMBClient shows “NT_STATUS_CONNECTION_RESET” and “Error NT_STATUS_IO_TIMEOUT” errors. Is that normal? or is it due to network issues?

@username2020 said:

SMBClient shows “NT_STATUS_CONNECTION_RESET” and “Error NT_STATUS_IO_TIMEOUT” errors. Is that normal? or is it due to network issues?

I think it implies something isn’t working. It could be that you’ve requested a share which doesn’t exist or you dont have access to, or made a request in a manner it doesn’t understand, or there is connectivity problems.

Just finished the box - what a ride! Huge thanks to @VbScrub , this box was awesome! Really looking forward to you next boxes.
While I personally found it challenging, I can understand why this box was rated easy - once you chose the appropriate tools, everything is evenly laid out for you. The difficult part is of course knowing which tool to use :wink: But then again, that’s when this thread comes into play for grabbing hints and nudges as you need them.
Thanks to @alcatrazk and @NobodyTellsMe for helping me out when I got stuck!

Anybody else having troubles with the box periodically going down?

For those wondering how you can connect to the service using netcat, just use the -C switch. This will append a CRLF to your data exactly like Telnet does by default.

I don’t know if anybody else mentioned that trick in that giant thread, didn’t read all pages

User was a real pain but root was easy as f***

Rooted! thanks @VbScrub for the box and thanks @Xurfcha for the help , i learned a lot. Ping me if you need some help

Not the challenging part of the box im sure but im struggling to extract the ADS fron D**** M*** P*******.txt…no bueno for everything i try…

@ByteM3 said:

Not the challenging part of the box im sure but im struggling to extract the ADS fron D**** M*** P*******.txt…no bueno for everything i try…

You’re 100% right it’s not. Take some time to research it well first - then there’s a very simple way to extract it / create them in Windows. #TryHarder let your interest guide you! :smile:

Type your comment> @Deflncha said:

You’re 100% right it’s not. Take some time to research it well first - then there’s a very simple way to extract it / create them in Windows. #TryHarder let your interest guide you! :smile:

Yes, i’ve tried hard. Ive tried for about half a day reading and trying cmd line, powershell, linux, even GUI tools! But nothing!

Rooted.

Rooted.

Cool box, took me a while to get user… Had to research visual b. but when i got it, it was easy.
Root part was interesting, but not that exhausting as User. Same method and just right stuff. Got stuck on high port, but I was on the right track. just needed to think behind a little bit… After that it was fast.
Learned new tools! Thanks!
All i needed was Kali Linux and one cool tool from github

I can´t read the info in the empty file… some one can help me on PM?
I know that is an NTFS capabilitie, but even in Windows i can´t read the S****M…

There are many hints in this thread regarding this. The way you read will depend you do that on Linux or Windows. Google it.
Personally i just used s*******t on Kali.
Btw use MAN on that tool to see what you need.

For the root, i cant download the exe for reversing it : what tool should i use for ?

Managed to get root! I can definitely see why a lot of users are wanting to push this into the medium category. However, it is clear the creator does not expect anyone to be an expert at reverse engineering binaries. I was stuck for a while because I was overthinking things and examining the functions inside and out. You don’t need to do that. Honestly you only need parts of them and you can just use them without really knowing what’s going on internally. If you’ve spent a lot of time reading the code, you probably haven’t enumerated enough. PM me if you want hints towards tools or getting flags in general.

Ok sucessfully rooted. I really wonder how realistic the very last part is. Maybe someone can put this a little bit in perpective. Is the HQK Service totally miconfigured or is it quite realistic? Also i would like to know if this LDAP.exe is part of the real HQK Software or some custom add-on some imaginary Programmer wrote :smiley: Does somebody know and worked with Services like that?#

Edit: Nvm, just found out HQK ist a custom programm of the box Creator :sweat_smile: