Cache

Type your comment> @Kaiziron said:

May I have a nudge, please? I found cred and then stuck in the n**.h*** with a 4***2.j not sure if it is a rabbit hole.

im stuck here too, i tried to steg the 4*…2.j* file and several .j** files, but i cannot get anything :frowning:

Type your comment> @rfg said:

rooted
Interesting machine ; good job
user : enumerate and enumerate and enumerate and enumerate and enumerate and exploit …
root : remember what you see when you open the door and privesc :slight_smile: like a charm
thank you for the box

even i rooted the box, i dont know what you mean by this and how is this related to the machine

Don’t go to the wayback machine and search for http://cache.htb
It will not end well for your eyes (or maybe it will I dunno what stuff you 're into).

Someone is also destroying the whole functionality. Please be more gentle, it requires brain not brawl. I have to reset again due to this mess.

HINT: For the initial foothold you don’t need OSINT but that author is telling you something interesting.

ANOTHER HINT: If you found the vulnerability do not change the globals file, it breaks our experience. Modify the POC you found on the internetz accordingly.

Since I have the feeling that many people struggle with the initial foothold here is my tip: Don’t rely on the usual enumeration tools (this time they won’t really help). Enumerate manually, read carefully the information you can find on the website and try to find more information about the author

Rooted. If you need a nudge, DM me.

very fine machine

root@cache:~# ifconfig ens160 | fgrep 10. | awk ‘{print $2}’ && whoami
10.10.10.188
root

calipendula
for nudges ONLY on discord calipendula#1089

Spoiler Removed

Box complete. Nice box but I got root before user so I guess it was not the intended way.

Type your comment> @sparkla said:

Someone can give me a little nudge: Is this REALLY osint for foothold or are you guys joking?
yes

@xrchsploit I was dying laughing when I saw that on wayb too… haha. I didn’t dare explore it though.

Type your comment> @sparkla said:

Someone can give me a little nudge: Is this REALLY osint for foothold or are you guys joking?

lol this part actually took me the longest. Not OSINT but there is a clue on one of the pages. With that info think how you can discover that thing.

Type your comment> @xrchsploit said:

Alright not even 20 minutes in and I already have a pro tip, on the wayback machine if you do what I did and search for the box, do read the title of what comes up ■■■■■ saw more than a rabbit hole O.o

This is gold haha

Oh great, someone is constantly changing the password to H**…

Struggling for auth on h**.. I’m looking at what look like M* backups. Is this a rabbit hole?

Almighty spaghetti monster, that o*E thingy is crapping out all the time. Can’t even type anything in it dies so quickly. Naturally dunno if creds are not working 'cause people are messing with it or if it’s intended.

Should you be able to use the creds on first place on the other place ? Not sure if I need to reset again because some idiot changed the password.

Rooted !

Pretty interesting box :).

PM if you need some nudge

people stop resetting the box!!!
i have been trying to access the url for the last 15 mins and i cant!
just terrible !

Same here, it’s supposed to be an entertaining experience but it’s not. I would really like to suggest a penalty on multiple box resets. This is not fun anymore it’s just frustration.

always Connection Time Out