Official Laboratory Discussion

Well that box was a journey for an easy box. Not one of my favorites but good box over all I suppose…pm on htb or discord for some nudges if you need them.

discord: Pal3BlueD0t#0299

not fun at all especially the first part

but the second is easy

Hi everyone,

i try to take out this machine but i’m stuck on page who everybody is stuck, I’ve try some payloads but it doesn’t work. If someone can nudge some tips for bypass the l**** page of G** it will be great, thanks

Yay! I finally got user.txt I feel like a part of history (probably the most profitable… spoiler… right)
On a completely unrelated note, have you guys ever checked out visualhack on vimeo.com ? They have like, 75 howto videos (that I’ve noticed). Maybe a litt;le less, maybe more like, sixty something videos…

too unstable, always be 502

Type your comment> @Zot said:

Yay! I finally got user.txt I feel like a part of history (probably the most profitable… spoiler… right)
On a completely unrelated note, have you guys ever checked out visualhack on vimeo.com ? They have like, 75 howto videos (that I’ve noticed). Maybe a litt;le less, maybe more like, sixty something videos…

will check that thanks

can any nudge me i got the webpage and signup the webpage but stuck afterwards

i got a user flag but it doesn't submit
last reset < 1 hour

Have user, but flag doesn’t submit - even after a reset.

Have user, but flag doesn’t submit

Hello everyone, been trying to figure a way to turn my L** to R** and so far, no luck. i’ve grabbed the s*****.y** file, and my only question is, do you need to set up your own g***** for it to work?

@Alpha19
Go back on this thread and read PrivacyMonk3y post

@tyrantwave said:

Have user, but flag doesn’t submit - even after a reset.

@nourmuj said:

Have user, but flag doesn’t submit

@Embargo said:

i got a user flag but it doesn't submit
last reset < 1 hour

This comes up on every thread about once a week (Mostly Mondays). HTB uses dynamic hashes and sometimes they dont work. The hashes should change after every reset and be different on different VPNs - this means that hashes should be used as soon as you get them and that sometimes the process which registers the new hash in the scoring server will break.

If it is a box that is being hit with resets, it becomes imperative that the hash is used immediately as a reset will render it invalid.

Your choices are really:

  • Wait a while, repwn the the box and get a working a hash.
  • Report it to HTB via a jira ticket and get them to fix the problem.

This isn’t something that can be fixed by the forum or by tips from other users.

Type your comment> @TazWake said:

@tyrantwave said:

Have user, but flag doesn’t submit - even after a reset.

@nourmuj said:

Have user, but flag doesn’t submit

@Embargo said:

i got a user flag but it doesn't submit
last reset < 1 hour

This comes up on every thread about once a week (Mostly Mondays). HTB uses dynamic hashes and sometimes they dont work. The hashes should change after every reset and be different on different VPNs - this means that hashes should be used as soon as you get them and that sometimes the process which registers the new hash in the scoring server will break.

If it is a box that is being hit with resets, it becomes imperative that the hash is used immediately as a reset will render it invalid.

Your choices are really:

  • Wait a while, repwn the the box and get a working a hash.
  • Report it to HTB via a jira ticket and get them to fix the problem.

This isn’t something that can be fixed by the forum or by tips from other users.

i can now submit the flag (Y)

Finally, I got root!

How do i run the G***** R**** C******, my reconfigure errors out…

Type your comment> @KonEcho said:

How do i run the G***** R**** C******, my reconfigure errors out…

same

Type your comment> @KonEcho said:

How do i run the G***** R**** C******, my reconfigure errors out…

On my Parrot I installed G***** in exactly the same version as in laboratory.htb from all-in-one package on project website. Reconfigure wents smoothly and I have g*****-r**** command in my PATH. I needed to start with sudo.

Type your comment> @sparrow1 said:

On my Parrot I installed G***** in exactly the same version as in laboratory.htb from all-in-one package on project website. Reconfigure wents smoothly and I have g*****-r**** command in my PATH. I needed to start with sudo.

I currently installed the exact version D***** i**** of it on kali…do i have instead manually install it ?..Appreciate the help

Type your comment> @KonEcho said:

Type your comment> @sparrow1 said:

On my Parrot I installed G***** in exactly the same version as in laboratory.htb from all-in-one package on project website. Reconfigure wents smoothly and I have g*****-r**** command in my PATH. I needed to start with sudo.

I currently installed the exact version D***** i**** of it on kali…do i have instead manually install it ?..Appreciate the help

Well I couldn’t quite grasp packaging in my distro and it was different version anyway, so I went with upstream .deb package.