Official Laboratory Discussion

Type your comment> @balkan said:

Spoiler Removed

sorry 4 the spoiler, i’ve a l**, i need to get a r** :neutral:

any nudge with user enum please

Rooted… the most brutal Easy box I’ve done here.
Half of the battle was getting what was required for the payload.

Solid box, but man these easy boxes are changing these days.
Having to create a VM or find a stable docker is kind of nuts but I guess from a security professional point of view it’s not that abnormal.

/shrug

At least it’s done lol can go back to study :stuck_out_tongue:

Well that box was a journey for an easy box. Not one of my favorites but good box over all I suppose…pm on htb or discord for some nudges if you need them.

discord: Pal3BlueD0t#0299

not fun at all especially the first part

but the second is easy

Hi everyone,

i try to take out this machine but i’m stuck on page who everybody is stuck, I’ve try some payloads but it doesn’t work. If someone can nudge some tips for bypass the l**** page of G** it will be great, thanks

Yay! I finally got user.txt I feel like a part of history (probably the most profitable… spoiler… right)
On a completely unrelated note, have you guys ever checked out visualhack on vimeo.com ? They have like, 75 howto videos (that I’ve noticed). Maybe a litt;le less, maybe more like, sixty something videos…

too unstable, always be 502

Type your comment> @Zot said:

Yay! I finally got user.txt I feel like a part of history (probably the most profitable… spoiler… right)
On a completely unrelated note, have you guys ever checked out visualhack on vimeo.com ? They have like, 75 howto videos (that I’ve noticed). Maybe a litt;le less, maybe more like, sixty something videos…

will check that thanks

can any nudge me i got the webpage and signup the webpage but stuck afterwards

i got a user flag but it doesn't submit
last reset < 1 hour

Have user, but flag doesn’t submit - even after a reset.

Have user, but flag doesn’t submit

Hello everyone, been trying to figure a way to turn my L** to R** and so far, no luck. i’ve grabbed the s*****.y** file, and my only question is, do you need to set up your own g***** for it to work?

@Alpha19
Go back on this thread and read PrivacyMonk3y post

@tyrantwave said:

Have user, but flag doesn’t submit - even after a reset.

@nourmuj said:

Have user, but flag doesn’t submit

@Embargo said:

i got a user flag but it doesn't submit
last reset < 1 hour

This comes up on every thread about once a week (Mostly Mondays). HTB uses dynamic hashes and sometimes they dont work. The hashes should change after every reset and be different on different VPNs - this means that hashes should be used as soon as you get them and that sometimes the process which registers the new hash in the scoring server will break.

If it is a box that is being hit with resets, it becomes imperative that the hash is used immediately as a reset will render it invalid.

Your choices are really:

  • Wait a while, repwn the the box and get a working a hash.
  • Report it to HTB via a jira ticket and get them to fix the problem.

This isn’t something that can be fixed by the forum or by tips from other users.

Type your comment> @TazWake said:

@tyrantwave said:

Have user, but flag doesn’t submit - even after a reset.

@nourmuj said:

Have user, but flag doesn’t submit

@Embargo said:

i got a user flag but it doesn't submit
last reset < 1 hour

This comes up on every thread about once a week (Mostly Mondays). HTB uses dynamic hashes and sometimes they dont work. The hashes should change after every reset and be different on different VPNs - this means that hashes should be used as soon as you get them and that sometimes the process which registers the new hash in the scoring server will break.

If it is a box that is being hit with resets, it becomes imperative that the hash is used immediately as a reset will render it invalid.

Your choices are really:

  • Wait a while, repwn the the box and get a working a hash.
  • Report it to HTB via a jira ticket and get them to fix the problem.

This isn’t something that can be fixed by the forum or by tips from other users.

i can now submit the flag (Y)

Finally, I got root!

How do i run the G***** R**** C******, my reconfigure errors out…

Type your comment> @KonEcho said:

How do i run the G***** R**** C******, my reconfigure errors out…

same