ServMon

@VbScrub said:

I don’t really know why you’d need to automate that part.

Fun?

To be fair I did it simply because it was easier. I’d already dumped the data into two files because I didn’t know what would be needed so running a tool became a simple single command line.

100% agree though, I think there is less than a dozen possible combinations so manual is not much more effort :smile:

@TazWake ah yeah in that case fair enough. In my case I think it would have been more effort to create the separate files and set up the automation than it would to just copy and paste a few password attempts :slight_smile:

Either way, each to their own and I’m certainly not saying its a bad thing to automate it, just clarifying that you don’t NEED to do it for any part of this box. Don’t want people to get the wrong idea and start trying to brute force things lol

Type your comment> @VbScrub said:

I don’t really know why you’d need to automate that part. There’s only 2 usernames to try and only a handful of passwords. Took me 3 manual attempts to get the right combo. I guess in the real world you’d probably have a lot more data so its a good idea to get used to automating these things… but for people just wanting to complete this machine, you don’t need to automate anything on this box.

+1, i try one by one and found true combination in 1 or 2 minute

Rooted via web GUI. Am interested in how the API method worked, if anyone wants to share. I can expose first few chars of root flag as proof if needed.

User was just connecting the dots, Root was really pathetic from the stability perspective even in the VIP labs

Got root!

Actually, it’s easy machine and lots of scenarios relevant to OSCP’s.

However, this machine has a pretty annoying way to be exploited, especially for public machines like hack the box.

The idea of the box is great but in practice it is awfully bad because people tend to reset it. Rooted.

Spoiler Removed

easy but intriguing box.
User took me more than necessary because of ■■■■ overthinking.
Root was quite challenging because the box seemed not really stable

pls dont reset again and again

Am I missing something? I see user.txt, which is empty?

somebody deleted the hash than. Reset box to get it back…

Rooted! What a funny box. Getting user.txt was easy, yet getting root with the connection problems was a challenge. An advice I can give you is to be patient and try harder. And, if you find something interesting to get root, don’t follow all the steps, try to think a little bit outside the box. If you need a hint, just send a PM.

Hey guey, I pretty new to windows machines, so im lil bit stuck. I found 2 Net*****.log and host , hostname : ServMon and Domainename , could anyone help me with what particular file should i look for.

ROOTED!!
thanks to @neon45 for the nudges.
User is just a search away.
for root use the API and read the doc carefully. don’t struggle with the WEB UI
PM for nudges :slight_smile:

rooted now, thanks to all for the help and for your patience Pegasys14

Rooted. Combination of GUI fun and CLI fun. Refresh, refresh, refresh. Eventually it works.

i think anyone cant access the web page of ++ service
i can not get root with this way
someones reset again and again, someones bruteforce but they dont know ehat bruting for and machine get slower and slower again, really stressful minutes :angry:

Rooted. Found an easy way to reload modules via the webui. No need to reboot the machine. This one was pretty fun enumeration wise.

Feel free to PM for any nudges.

I can’t find the webui. Did you find using dirb or gobuster?