Quick

Absolutely hate @MrR3boot 's boxes and this one also.
Literally every step is hard
Spending hours in guessing game, cracking unusual hash and figuring out that it is someone else’s changed password.
It’s like if you thinking “no, it cant be this way” - it is definitely this way.
Rooted couple of days back, with a lot of help, thanks everyone for it.

Hi,I can’t find username for login page.I try all of names from main page and client page and about page and combinations but non of them works,any help would be appreciated

rooted! Awesome box - probably the one i’ve enjoyed most!
Awesome work putting this one together.

rooted first impression is awesome
if anyone stuck DM for hints

Epic box @MrR3boot, loved every part of it :wink:
Open for nudges.

TIP: Script everything.

What a fun. Someone deleted id_rsa which cost me a lot of time…

can anyone give me a hint for root, I’m sitting here with a ssh connection as s****m and am sure I’m missing something obvious

I have find creds to connect to login.php, but I’m stuck there, I know there is something in t****t.php but I’m not getting it, some help would b great

Type your comment> @fireblade said:

can anyone give me a hint for root, I’m sitting here with a ssh connection as s****m and am sure I’m missing something obvious

Stay at home, enumerate all the files you can access. Perhaps two things don’t go together

Type your comment> @GGh0st said:

I have find creds to connect to login.php, but I’m stuck there, I know there is something in t****t.php but I’m not getting it, some help would b great

I’m at this same point. Not sure what to do next. I’ve enumerated via s*****.p** and also noticed you can manually change the id, but not sure how to leverage this to get anywhere.

What did people use to do the first ‘thing’, I am trying curl but cannot seem to get it to work - tried updating curl. Any advice would be useful.

Rooted finally, THANK YOU to everyone that help me along the way. A good box, frustrating when you over look obvious things but some good things learned.

@bashsquid said:
What did people use to do the first ‘thing’, I am trying curl but cannot seem to get it to work - tried updating curl. Any advice would be useful.

Get a really new version of curl and make it yourself.

Wow, rooted.
Thank you @MrR3boot, Great box again.

Type your comment> @Bearcban said:

Type your comment> @GGh0st said:

I have find creds to connect to login.php, but I’m stuck there, I know there is something in t****t.php but I’m not getting it, some help would b great

I’m at this same point. Not sure what to do next. I’ve enumerated via s*****.p** and also noticed you can manually change the id, but not sure how to leverage this to get anywhere.

Look at the headers? There is a clue, then Google which should bring up some interesting information.

root’d this last night. The beginning of this challenge had my eyes rolling because i thought it was typical HTB. Apologies, @MrR3boot
In fact, this is one of the funnest boxes that I’ve done in a while. It wasn’t too hard and it allowed me to create a few simple scripts to eventually root it.

I’m not sure what was said in this thread, but if anyone needs help, let me know.

Type your comment> @ps9786 said:

@bashsquid said:
What did people use to do the first ‘thing’, I am trying curl but cannot seem to get it to work - tried updating curl. Any advice would be useful.

Get a really new version of curl and make it yourself.

I have done so already.

Think I am getting the syntax wrong, it should be working… As it works for the test pages - anyone have any ideas?

phew, finally rooted. Though I found other weakness in the code, couldn’t exploit that.
This machine took my lunch time and beer time for a couple of days :slight_smile:

PM if you need help

This box showed me all kinds of new stuff, thanks for that @MrR3boot !
Unfortunately due to all the resets and connectivity issues, it was rather hard…
I just took it slow with Quick :slight_smile:

PM or Discord #4092 for help

Wow rooted!!

It was a great box overall that made me learn, i probably liked the most using this new technology and lateral movement from user 1 to user 2.

Thanks @MrR3boot for a great box!

Can PM for nudges

root@quick:~# id && hostname uid=0(root) gid=0(root) groups=0(root) quick