Official Reel2 Discussion

Type your comment> @luca76 said:

Type your comment> @Zot said:

I successfully implemented a cookie stealer utilizing hashtag.php. So far, only snarfed my own cookie. The only place I can even get an href to render properly is my profile website. :confused: I don’t think this is a spoiler because it helps with absolutely nothing, more like a “don’t waste your time” spoiler.

For get a cookie just go on inspection browser and then on console and write “window.cookie” or tab storage cookie

No luca, I wasn’t trying to get my cookie, I was trying to steal whoever was in charge of the support boxes cookie. It’s all good, I got user now. To anyone reading this, FORGET ABOUT COOKIES! (like Luca said)

Type your comment> @Zot said:

Type your comment> @luca76 said:

(Quote)
No luca, I wasn’t trying to get my cookie, I was trying to steal whoever was in charge of the support boxes cookie. It’s all good, I got user now. To anyone reading this, FORGET ABOUT COOKIES! (like Luca said)

I have the user too, and I have a shell, but it’s not easy anyway, in fact I would say that now the road is uphill for me, I’m not good with P **** s *** l

managed to read the root.txt but didnt get a root shell. Anyone who managed to get a rootshell? :slight_smile:

I’ve been in a shell for two days without being able to do ■■■■, but what fucking witchcraft is this?

rooted without root shell. I don’t think this box could pop root shell, since we’re limited function :slight_smile:

Interesting, I have a fully functional user shell but not super clear atm where to go next.

Type your comment> @luca76 said:

Type your comment> @Zot said:

Type your comment> @luca76 said:

(Quote)
No luca, I wasn’t trying to get my cookie, I was trying to steal whoever was in charge of the support boxes cookie. It’s all good, I got user now. To anyone reading this, FORGET ABOUT COOKIES! (like Luca said)

I have the user too, and I have a shell, but it’s not easy anyway, in fact I would say that now the road is uphill for me, I’m not good with P **** s *** l

I’ve never used the… restricted environment (if you’ve made it to that user, which you probably have). So this is just going to be a lesson for me. As soon as I got user level access I busted out meterpreter. So navigating the system has been a breeze, but yeah, gotta study the docs for je******** you know.

Reel2 … i got root!! Insane and crazy box

Type your comment> @CyberVaca said:

Wtf winrm? rabbit hole? I have valid credentials :neutral:

yeah… I am getting the same here.
Got 2nd user creds but winrm is not playing the game… what am I missing?

Type your comment> @acidbat said:

Type your comment> @CyberVaca said:

Wtf winrm? rabbit hole? I have valid credentials :neutral:

yeah… I am getting the same here.
Got 2nd user creds but winrm is not playing the game… what am I missing?

Ok got passed that part (yay)

Next hurdle … :neutral: , challenge

a slow start on this one. I have a bunch of users, and admin access to the high port site, but haven’t been able to turn it into anything so far.

Is going down the J*A path the right way for root?

Hey guys, got rooted but without NT\Authority System. Is there any way to get root shell? If someone knows i will appreciate for helps

Rooted! Hard box but very entertaining! Congrats @cube0x0!

PM if anyone need a little nudge!

Rooted, awesome box and I learned a bunch of new things. Great work @cube0x0
A bonus when you also understand the language being used :smiley:

İt’s getting harder !! Brain freze.(

Great box, harder than what i expected.
I dont have many hints to share without spoiling too much, but i suggest to have a look at a sneaky box.

to whom it may concern:

just because something is possible doesn’t mean you should do it.

please stop changing passwords for accounts other players are dependent on!

Rooted. A little bit ez box, a little bit hard box. If you need some help, DM me.

Hint: you have to learn powershell very good. If you have admin creds, you cant get user.txt. So, please “step by step”

this was by far the hardest machine i have ever played on HTB.
i couldn’t have done it without the knowledge and patience of @acidbat .

for me, with Windows machines there is often the additional burden of having to read Microsoft-written documentation… which just always gives me the creeps :tired_face:

still, i learnt a lot :smile:

tack så mycket @cube0x0