Cascade

I see people talking about 3 users.
Are they counting r.*******n as the first one and s.****h as the second?
Anyway I got user flag and found an exe file enumerating a folder on a low port that I could not access before. Is that the way to root?

Thank you very much!

Type your comment> @TazWake said:

@corpnobbs said:

Anyone still getting Incorrect Hash errors when submitting the user.txt for s*****h user? I just reverted and still getting the error, plus the hash didn’t change after a revert.

Hopefully, people are reporting these glitches to HTB itself.

Same for me. I reported it, but nothing back yet. Thanks to @CGonzalo for the user nudge! On to root…

EDIT: after three resets, I got an new user flag

i got 3 users password…i still dont know how to get the user flag.

can anyone give me a small nudge

rooted finally. thanks @thammarit and @Boschko for patiently educate me . Thanks @VbScrub for the box.

Got 3rd user password. Found TA*, but no rights to restore it.
Any hints, please. PM me.

Rooted !!! Thanks for the nice not so difficult yet challenging box @VbScrub

Hints in the forum are more than enough to get you going, so won’t bother giving mine here. Just remember to be thorough with your enumeration and recheck if you think you have checked everything.

Also, if anyone’s stuck, I am open to DM :slight_smile:

Rooted ! Didnt realize I already completed user when I was already on the path for root. The whole machine was very enjoyable and learned quite several new things. thanks @VbScrub for the cool medium machine.

just curious, did someone manage to use ls*h to retrieve the necessary information for root? I also tried with this but it didnt work for me. PM me if you know how to query the information using that tool. thanks.

@zaphoxx said:

just curious, did someone manage to use ls*h to retrieve the necessary information for root? I also tried with this but it didnt work for me. PM me if you know how to query the information using that tool. thanks.

Pretty sure it can be done. Sent you a PM

Type your comment> @AwkwardUnicorn said:

Got it. Root much easier than user! IMO.

Tip for getting to U3 (where i struggled most)

You don’t need to run, or modify, any code. Just look at what you have and what method is used to make it… Once you know that, online tools help.

+1

First off, absolutely lovely of a machine to go through. I enjoyed it quite a bit.

Second, I am really glad the forum doesn’t really spoil anything and reiterates the idea of enumeration by hand.

Hints:

User - enumerate a service by hand. It might not return a lot of data without a proper search.

Root - keep searching with any new users you could possibly find. It’s there.

rooted! Fun box. Really liked this and Nest. Great job @VbScrub! Love the style. Please keep 'em coming.

This one felt good to get. Pm for any questions or nudges, always happy to assit!

Finally root the box. Thanks the creator @VbScrub for amazing machine. Thx for help me @tkuczyn , @rudem , @marlasthemage.

Hey guys. Im pretty stuck.
Been trying to get something valuable from the h*x of s*****h

I tried decoding it on kali and on windows using different tools but some chars drive me insane. I know what kind of file it is. I just dont find the tool or article on google a few people are refering to.
Any small nudge would be appreciated

Edit: Got it thanks to @thammarit … Actually kind of tricky when you do not find the article. Guess my google skills just suck

another great box from @VbScrub , I really appreciate the thought and effort you put into these boxes and the content you put out for the community, can’t wait for your next box to roll out

rooted! thanks @VbScrub :))

Thanks for the box @VbScrub, amazing, thanks to @thammarit to give me the correct parameters for the final step.

Guys, got the user flag but it’s not accepted by the htb platform (already know about the new rotate flag rule). I tried to reset the machine (flag still the same) and it does not work. Did someone have the same problem?

Edit: nvm, I waited for 10 min after resetting to submit, and (finally) it was accepted.

Spoiler Removed