User: at first it looks almost like a ctf, enumerate the ports and focus on the “small” ones, you will easily find interesting information to use against another “small” port. The rest is straightforward, look for the first service you see and search on the internet.
Root: Slightly more complex, the machine runs another different service, search about it and “try harder”. If you receive a 404 at the access is because your network probably shouldn’t have access to that service, get help maybe by going through a tunnel. Forget the reload button and wait. Perform the procedure multiple times if you fail. Sooner or later it will work.
ok I’ve been trying to repeat the last step for hours. I think the instructions are not actually correct. Click query when you’re done
I’m confused about the ++ thing. I think I know what port it is listening on. At this point, I’m not even trying to create a tunnel. All I’m trying to do is verify I can interact with it on the remote machine as the N***** user. Shouldn’t I be able to curl the in*** .h*** in the w** directory? When I try to that, I get a “Connection was reset” error message. Why does that happen?
Same here. Even with the port forwarding i didn’t see any login page.
By far the worst box HTB has ever hosted.
Complete waste of time, except for those who like working on their F5 pressing skills.
If you’re stuck at the root part, it’s probably not your fault.
User: at first it looks almost like a ctf, enumerate the ports and focus on the “small” ones, you will easily find interesting information to use against another “small” port. The rest is straightforward, look for the first service you see and search on the internet.
Root: Slightly more complex, the machine runs another different service, search about it and “try harder”. If you receive a 404 at the access is because your network probably shouldn’t have access to that service, get help maybe by going through a tunnel. Forget the reload button and wait. Perform the procedure multiple times if you fail. Sooner or later it will work.
I am also getting stuck with 403 error with a password i found in a file that seems should be correct. i Still havnt used any of the 7 other potential credentials either. Can someone give me a nudge… Thanks
I am also getting stuck with 403 error with a password i found in a file that seems should be correct. i Still havnt used any of the 7 other potential credentials either. Can someone give me a nudge… Thanks
Maybe you need to bring it to you, it’s not saying the password is incorrect, just you’re not allowed…why not?