I think I need some hint for the user.
I found the new location, then go to p*************.**p, I think I must use it to access /***/ but then I don’t know what to do. I tried some request (through the first page) but nothing happens.
I started working on the machine yesterday and I noticed the defaced website, I even have the screenshot made for my writeup. But today when I started again, I don’t see any website. The direct IP access redirects to http://forwardslash.htb/, I don’t see any website, instead I have regular Firefox error “Hmm. We’re having trouble finding that site.”.
I had reset the machine a couple of times, change LAB to US VIP and retuned back to EU VIP, same, its weird!!!
Something wrong with the machine?, did anyone noticed this behaviour?
I started working on the machine yesterday and I noticed the defaced website, I even have the screenshot made for my writeup. But today when I started again, I don’t see any website. The direct IP access redirect to http://forwardslash.htb/, but I have regular firebox error “Hmm. We’re having trouble finding that site.”. I had reset the machine couple of times, change LAB to US VIP and retuned back to EU VIP, same, its weird!!!
Something wrong with the machine?, did anyone noticed this behaviour?
I started working on the machine yesterday and I noticed the defaced website, I even have the screenshot made for my writeup. But today when I started again, I don’t see any website. The direct IP access redirect to http://forwardslash.htb/, but I have regular firebox error “Hmm. We’re having trouble finding that site.”. I had reset the machine couple of times, change LAB to US VIP and retuned back to EU VIP, same, its weird!!!
Something wrong with the machine?, did anyone noticed this behaviour?
Your /etc/h*** file is intact ?
Yes, I removed the entry and tried - same, also add the entry and tried same error as well.
The site is still fine after I restarted my connection, on US VIP 25.
Try to ping the hostname, if ping = no resolution, → problem with your /etc/h* file, confirm by ping on IP
else if ping resolution ok & fail, something with your machine
Verify if you still have access to previous boxes also.
I’ve found the n***.**t and am trying to find the b****p referenced in there.
I’ve been enumerating with various wordlists the past couple hours but I cannot find the next message or page. I would appreciate a nudge to find the next step!
root@forwardslash:~# id
uid=0(root) gid=0(root) groups=0(root)
Rooted! Wow, what a frustratingly entertaining box! This really will test your enumeration skills and you’ll be punished for shortcuts and bad habits. The first half is definitely the difficult part of the box.
Also, knowing a bit of python and/or bash will definitely help on this one.
Great job creators, even though it didn’t necessarily introduce anything new this was a good reminder to keep your house in order when doing enumeration and to keep everything!
I teamed up with @taiQui for this box, and i’d like to thank him for the teamwork and sharing his coding skillz with me, it was awezum.
Sure, PM for nudges, but I won’t give you solutions straight up. Have you really tried harder? Too many skids trying to get ez flags
Finally rooted. User was way harder and took me much longer than root, but I solved one critical step for root before I got user.
Thx for the box, learnt quite a lot!
Finally rooted. For me personally it was rather hard, fell for a lot of rabbitholes.
Great box, learned a lot.
User: Keep it simple, usual enum should to the trick. Don’t overcomplicate things
Root: Understand what the code is doing, maybe even do it by hand will help a lot
Do not forget to clean the box after you’re finished, it won’t do it by itself.
initial: keep it simple. enumerate properly. This part NOT HARD
user: try to understand what binary does. One you get it you can do it with one line bash script
root: In my way I did NOT crack anything. Try to create your own encrypted lu** ig. It is up to you what put in that ig.