Multimaster

Just rooted need help? msg me

Arrexel

First tell me your problem and if you like my help give +1

Since I have lots of time waiting for loot to drip character by character I might as well ask here - is it even useful to enum database? It’s probably 10th hour or so and I am at 9/17. Will I get 18 this way or is it waste of time?

Finally rooted, it’s a machine driving me crazy. Can’t do that without @TazWake , also thanks to @n33r47 for a nudge. DM me if anyone need a nudge.

So i finally did it.
This is indeed a huge behemoth of learning experience.
Again, thanks to @TazWake for nudges and sanity checks.
I have nothing to add to the hints already given here, so i will not deep dive into every single step.
The only suggestion i can give is: take your time, don’t forget to consider every single detail while enumerating the machine but be careful because there’s the risk of fallint into a huge rabbithole…

hey there, why i’m always get this error, when i running DS*w

COM call "(*vssObject)->InitializeForBackup" failed.

I found a few hashes from the DB.
Any nudge on how to crack these?

edit: nvm, figured it out :smile:

Got the root flag a couple of days ago, and finally managed to get a root shell. Thanks @TazWake for the nudge at the end!

Hi,anyone can give some hint how to go ahead about this lab…
Scarching heads…

@encroachdcs said:

Hi,anyone can give some hint how to go ahead about this lab…
Scarching heads…

This is definitely an insane machine. Pretty much every step of the way is challenging and requires some element of manual exploitation.

The best I can suggest is have a look to find something which allows you to post data. Play with that a bit until you understand the response. Then with a lot of trial and error you might find a way to inject requests which get a response you want.

Finally rooted and what a machine. I learnt an absolute truckload doing this machine and it is the best box that I have done on HTB to date.

Great work @egre55 and @MinatoTW

Edit: nvm

Just rooted the box and by god what a journey it was thank you guys for this box =) if need any help DM

Pretty sad to see this box is going to retire this weekend. It was so hard.

@TazWake said:

Pretty sad to see this box is going to retire this weekend. It was so hard.
Totally agree with you, too sad. it was a great box !
I though they will at least release an Insane Windows box to replace it but no, instead *nix :confused:
Too much *nix machines, not enough windows machines.

@Caracal said:

Totally agree with you, too sad. it was a great box !
I though they will at least release an Insane Windows box to replace it but no, instead *nix :confused:
Too much *nix machines, not enough windows machines.

Yeah - it does seem like there is a bit of an imbalance!

However, with the insane boxes, the OS doesn’t matter to me, its all a living nightmare.

I still feel the weeks I spent with Multimaster. I’m bit a sad on it’s retiring.

@gunroot said:

I still feel the weeks I spent with Multimaster. I’m bit a sad on it’s retiring.

I am genuinely excited about seeing some write ups though.

There were steps on this box where it took hours to get anything and I’d love to see if there were better ways to progress.

This box caused so much mental pain…

@TazWake I think some steps are intentionally designed to spend weeks and months. ?? Almost 4 users are in the machine.

I did the box (user and root) in about 15min using the Zerologon attack CVE-2020-1472 which is a dangerous flaw in Windows Server systems and originally disclosed in August. An exploit exists, check the official writeup.

Type your comment> @k4wld said:

I did the box (user and root) in about 15min using the Zerologon attack CVE-2020-1472 which is a dangerous flaw in Windows Server systems and originally disclosed in August. An exploit exists, check the official writeup.

yikes