Dyplesher

hmm, Is it possible to reset the box when it reaches the reset limit?

if anyone is stuck u can pm me on discord impulse#9458

Spoiler Removed

Ok hear me out…this box should award half a user flag at some point. This thing is deeeeeep

Rooted… definitely a tough box. But I learned a lot.

Got root. Nice box, but sometimes you have to guess. Thanks @justAhmed and @froster for supporting at user part.

Guys… can someone provide me a clue to the coding step?

Running out of ideas here :confused:

I’m pretty confident I’m coding right… but not sure how to take advantage of this.

Edit:

Thanks @HomeSen for the help on the plugin part! :slight_smile:

Rooted.

Excellent box! Very creative :blush:

Rooted. This was a nice box. The initial Pln relo*g part is really really tough. But managed to write a plu**n with some help. Root part is much easier than user. But definitely, it’s a tough box for me.
Thanks for the adventurous box creator.

Wow what a ride! I loved writing a malicious p***** for S****, which I used to develop for when I was younger. Thank you so much @felamos and @yuntao for creating this box!

For those are stuck here are some hints, you can also message me if you need a nudge.

Initial Foothold: Mainly web and testing things. Have a look at what is there and piece it together. Once you have access to something that seems interesting do some experiments to see if you can get a shell.
User: Have a sniff around and see what you can find.
Root: You have sniffed something that smells good, plus there is a trail of easter eggs that you need to follow.

@pinnn said:

hmm, Is it possible to reset the box when it reaches the reset limit?

Yes.

Rooted. PM for hints :slight_smile:

What a crazy, deep machine! Took me a full week to complete. Just realized you get a badge “bedrock breaker” when owning it, lol, that makes sense!

Need a nudge on foothold , found login creds on 3000 but stuck after that

Type your comment> @CH30nJa3 said:

Need a nudge on foothold , found login creds on 3000 but stuck after that

Have only vague memories and a xmind map saved, but if you have the f… login, it means you are on the right track.

Very interesting box until now!! I’m near the user flag, and without IDE for the Java part :slight_smile: Not so Insane for the moment for me compare to MulltiMaster but nevertheless I am sweating…

It may get tough after certainly… :cry:

Edit: lol the Boxes are not isolated between them? I can see Alf**d from this VM on UDP port 9256:

A6065483524Alfd.#Main.00…10.10.10.74.clBlack…Alfd.A141103064O10.10.10.74.23.A341804448MAlfd.1A168749344MAlfd.0

Can anyone help me on the root part?.. I’m lost. I try to follow the white rabbit without success…

Can some one help me, i m stuck in enumeration part

Type your comment> @Impulse said:

if anyone is stuck u can pm me on discord impulse#9458

Please help me in enumeration part stuck in it

@prashantbhatt said:

@Impulse said:

if anyone is stuck u can pm me on discord impulse#9458

Please help me in enumeration part stuck in it

First - dont take this the wrong way - but this is an insane box. It is one of the harder insane boxes as well. I strongly suggest you work on other boxes first - checking your profile you have only rooted Magic, so you would be much better working through some of the less challenging boxes.

With this box you will need to generate custom code, possibly in multiple languages. The enumeration phase is genuinely the easiest bit as it is fairly standard for HTB boxes.

So, if you really want to try this box:

  • Run nmap find open ports.
  • Look at the responses on the ports to see if anything needs to be changed in the Hosts file
  • Visit the services running on ports to gather information on their output
  • use a common directory tool to look for possibly hidden folders or files as these may contain useful information

When you have all this, analyse everything you have and determine a way forward.