Why does it say my flag is incorrect even after resetting it?
The dynamic flags should change on each reset. It probably takes a few minutes after a reset for the flags to be working but I’ve no idea how it works on the backend.
If you have problems with this, you need to raise it with HTB via Jira so they can understand the scope of the problem. Jira Service Management
How are people getting ideas of OSINT? I see it nowhere in the page source!
And also the author has a collection of web-shells? But how do I use this info?
And also how do I use OSINT to proceed further?
The author has a collection of webshells. These are .PHP. You are attacking port 80. Maybe you can check for webshells already installed?
They are gone now as of the submission of this comment. Finally, once I got an idea of how to approach after the OSINT, it’s gone.
Not sure what’s going on but that’s not cute, man lol. People need to stop ruining the fun.
I found the user.txt file but on submitting it’s showing incorrect flag.
It could be one of many things.
It could be that the box has recently rebooted and the flag you found isn’t yet in the system. It could be that the box rebooted between you finding the flag and pasting it in.
It could just be a fault in the API for the flags and should be reported via Jira (Jira Service Management)
Rooted. It was not really difficult but I learnt a few things during the process.
Initial foothold: standard dictionaries will not work, visit that web shells website and try.
User: check permissions you have and google that program.
Root: use an automatic privesc tool to find that process or monitor processes. Then google it and modify a file with your payload. Then when you log in, your payload will be executed.
Hi guys, I was wondering… I got the user and the root. But the Flag (submit flag) is wrong. I thought I had to paste the hash from the root as flag? Or am I missing something?
Is this a problem with the flag submitting system?
I think Multimaster uses a dynamic flag - and it was one of the first to do so. The main advice here is to submit as soon as you root and if that doesn’t work, reset the box, wait a bit and see if there is a new flag you can use.
If you are having problems, it’s definitely worth raising a Jira ticket Jira Service Management
I think the biggest issue is on boxes where you have to do several steps to get root - resetting and retrying may well become tedious. However, on this box it should be ok as you can log in & exploit fairly quickly.