i got a user flag but it doesn't submit last reset < 1 hour
This comes up on every thread about once a week (Mostly Mondays). HTB uses dynamic hashes and sometimes they dont work. The hashes should change after every reset and be different on different VPNs - this means that hashes should be used as soon as you get them and that sometimes the process which registers the new hash in the scoring server will break.
If it is a box that is being hit with resets, it becomes imperative that the hash is used immediately as a reset will render it invalid.
Your choices are really:
Wait a while, repwn the the box and get a working a hash.
Report it to HTB via a jira ticket and get them to fix the problem.
This isn’t something that can be fixed by the forum or by tips from other users.
This wasn’t the issue with this box.
I’m VIP+ and ran into it. There is a reason and it might be a bug in all honesty.
Two types of payloads. Without resetting I ended up with two different root hashes.
I can’t really explain more without spoils but this one was for sure buggy and not just the dynamic hashing.
Man, I rage purged g**** from my machine after it crashed my box several times during installation. The last crash pushed me over the edge. Eff this box.
This is too much for me for a supposedly easy machine.
This wasn’t the issue with this box.
I’m VIP+ and ran into it. There is a reason and it might be a bug in all honesty.
Two types of payloads. Without resetting I ended up with two different root hashes.
I can’t really explain more without spoils but this one was for sure buggy and not just the dynamic hashing.
FTR one method worked the other didn’t
That feels like something HTB should be notified about so they can fix the bug.
initial foothold wasn’t easy (especially if you do not read the report carefully). after getting a rev-shell look what services you can access…
root was pretty easy
Not easy at all, especially foothold. You spend so much time on foothold that when it’s time to do user you’ve forgotten your name, imagine what this machine was about.
I enjoyed it still, kinda sadistic. Learnt a couple of things, realized I don’t know a couple of thousand. Thanks to those who gave me nudges, especially @earl12 who gave me the advice to use docker. Good luck everyone and HAVE FUN.
I can look back now and say nice machine and I learnt a lot about that service. Knowing the path to take and getting a shell was a lot more difficult than it should have been, but a great learningn experience. Thanks to @knuijsting for putting me back on the right path.
After 2 days of struggling with G****** C***** generation finally got root! The final part was pretty funny and learned a lot of stuff but the unreliability of the C***** generation nearly drove me insane
Hi all, i found a bcrypt hash, for a certain user starting with ‘D’ I dont have much computing power, is it worthwhile attempting to crack it, if so should I use rockyou?
Hey , I am on this box for about 2 days now and going through this forum regularly
I can see we have to use docker somehow … The thing is I have no idea how it can be used
I wanted to ask you all how you learn about stuff u dont know already and have no idea about how or what u can do with these
Hoping to get some help in dm
Appreciate any help
thnk u
Hey , I am on this box for about 2 days now and going through this forum regularly
I can see we have to use docker somehow … The thing is I have no idea how it can be used
I wanted to ask you all how you learn about stuff u dont know already and have no idea about how or what u can do with these
Hoping to get some help in dm
Appreciate any help
thnk u
I’m in the same spot, can anyone give me any nudge?