Quick

1246713

Comments

  • Is it expected to brute force user/pass for part of the initial entry?
  • Type your comment> @MalwareEater said:

    Is it expected to brute force user/pass for part of the initial entry?

    no, pure brute force is against the HTB rules for machine creation/submission

  • Spoiler Removed

  • Rooted. The initial part of this box was pretty annoying. Thanks to @Chr0x6eOs for the nudge. I know @MrR3boot doesn't require us to brute force anything, but this one seemed to require a lot of educated guessing. After the initial login, it was pretty straight forward. Thanks for the box @MrR3boot. The reward for my labor is a freshly compiled copy of c*** with fancy new features.

    OSCP, SSCP
    seekorswim

  • i keep getting Error retrieving URL at the p portal....that should make sense anyone else

  • Spoiler Removed

    0x41

  • Can anyone give a nudge how to be fast enough to catch the right moment?

  • edited April 2020

    curl: (7) Failed to connect to p****.******.**b port 443: Connection refused

    This is giving me a headache, any tips on what I should do or nudge in the right direction? Please PM

  • @xrchsploit said:
    curl: (7) Failed to connect to p****.******.**b port 443: Connection refused

    This is giving me a headache, any tips on what I should do or nudge in the right direction? please PM

  • Finally rooted! What a ride, although user2 -> root was surprising, initial access and pivot was a test!

    PM with what you've tried, where you are, and what you think needs to happen before giving nuggets

  • Got user, I can sleep now.

    PM if you're stuck

  • Type your comment> @Brogramm3r said:

    Got user, I can sleep now.

    PM if you're stuck

    I feel ya. I was the 200th user flag submitted on this box just a few moments ago. Now I can sleep too!

    What a journey it has been

    d4rkm0de

  • Rooted. Thanks @MrR3boot for the great experience. Foothold and user parts were just awesome.

  • Spoiler Removed

    choket

  • Does the initial foothold relate to ssl cert of portal... or it is a damn rabbit hole?

  • Well damn....rooted, i need a lot of help at the end.....still not sure if i confused myself or what.... i will go through it one more time. hit me up i will be glad to help. if i miss you i am sorry. lots of pms coming in.

    @MrR3boot i think i lost a piece of me on that one haha

  • Does anyone get this error while accessing the p*******.q****.h** portal : Error retrieving URL, it works only when it wants i'm kinda stuck refreshing F5 ...

  • Type your comment> @Selcius said:
    > Does anyone get this error while accessing the p*******.q****.h** portal : Error retrieving URL, it works only when it wants i'm kinda stuck refreshing F5 ...

    Same here !

    EvilT0r13

  • i have had odd issues but not that one, i was getting socket error but it was self induced

  • @EvilT0r13 and @Selcius .....i think its due to multiple people on the box at the same time

  • Type your comment> @Selcius said:

    Does anyone get this error while accessing the p*******.q****.h** portal : Error retrieving URL, it works only when it wants i'm kinda stuck refreshing F5 ...

    Just have to keep refreshing, or use burpsuite's repeat...

    b3nn
    PM for nudges, but tell me what you've got so far. If I helped you, remember to give respect.

  • Could somoene sanity check me? I'm on the portal, working on getting a foothold. I've made an exploit and can ping myself from the box, but having trouble doing more. I can elaborate on what I've tried in PM if anyone's got a minute.
  • Type your comment> @EvilT0r13 said:

    Type your comment> @Selcius said:

    Does anyone get this error while accessing the p*******.q****.h** portal : Error retrieving URL, it works only when it wants i'm kinda stuck refreshing F5 ...

    Same here !

    same here!

  • Finally got user. It was pretty hard for me. Need some rest xd
  • Finally got root , really interesting box foothold and privesc were the best part !

    pm me for help

  • Rooted ! Enjoyed the box ! The only issue was the refresh battle in the end. Thanks to @stoneric for the nudge. Kudos to the creator @MrR3boot

    EvilT0r13

  • Type your comment> @EvilT0r13 said:

    Rooted ! Enjoyed the box ! The only issue was the refresh battle in the end. Thanks to @stoneric for the nudge. Kudos to the creator @MrR3boot

    if by refresh battle, you mean by lastest site, then using ssh tunnels helped for me

  • edited April 2020

    so. tbh.
    this was the best and cleanest box yet, c/o @MrR3boot
    which is great because sometimes they are a bit fantastical. which is also great but in a completely different way.

    this is also a reasonably helpful box for AWAE/OSWE prep, due to certain sections.
    so big-BIG thanks to the creator for multiple reasons.

    we appreciate you dude, despite the fact that we hate you often.

  • Can anyone double-check me on something? I have access to the UI with creds found earlier, have a type of callback working and am really close to getting the next level foothold - just stuck on the possible syntax or something really small I'm missing. Thanks.

    corpnobbs
    OSCP | OSWP | so much more to learn ...

  • All i can do with this box is now move on.
    Helpless and i have nothing left to try..
    This box may be the best ..but its super frustrating for me .

Sign In to comment.