Official Laboratory Discussion

Not easy at all, especially foothold. You spend so much time on foothold that when it’s time to do user you’ve forgotten your name, imagine what this machine was about.
I enjoyed it still, kinda sadistic. Learnt a couple of things, realized I don’t know a couple of thousand. Thanks to those who gave me nudges, especially @earl12 who gave me the advice to use docker. Good luck everyone and HAVE FUN.

The single most important point I’d like to stress as well is to use docker :smiley: foothold was not easy at all, but after that it’s pretty smooth.

Anyone else getting syntax errors trying to generate the payload?

Type your comment> @ElleuchX1 said:

is it even working for you guys? i can’t even enter the g**** page anymore

I keep getting error 502 “Whoops, G***** is taking too much time to respond.” So you’re not allowed.

Anyone able to assist - I understand you need to recreate the webpage but not sure where to begin.

Hello,
Can any1 guide me in the right direction?

I create the d***** c****** file but i think i made some mistakes.

I wait for any msg in private.

Thanks

Rooted!

I can look back now and say nice machine and I learnt a lot about that service. Knowing the path to take and getting a shell was a lot more difficult than it should have been, but a great learningn experience. Thanks to @knuijsting for putting me back on the right path.

Anyone have a good article on how to exploit G**** with dokcer, i have the secret but im stuck ! Thx

Almost a day to get be able to access the webpage idk why
Otherwise great box
definitely not easy
uid=0(root) gid=0(root) groups=0(root),1000(dexter)

After 2 days of struggling with G****** C***** generation finally got root! The final part was pretty funny and learned a lot of stuff but the unreliability of the C***** generation nearly drove me insane

After a lot of trials and tribulations, I’ve gotten a shell. Poking around at the environment, and I think I might be completely lost.

Hi all, i found a bcrypt hash, for a certain user starting with ‘D’ I dont have much computing power, is it worthwhile attempting to crack it, if so should I use rockyou?

Hey , I am on this box for about 2 days now and going through this forum regularly
I can see we have to use docker somehow … The thing is I have no idea how it can be used
I wanted to ask you all how you learn about stuff u dont know already and have no idea about how or what u can do with these
Hoping to get some help in dm
Appreciate any help
thnk u

Type your comment> @Prjvl said:

Hey , I am on this box for about 2 days now and going through this forum regularly
I can see we have to use docker somehow … The thing is I have no idea how it can be used
I wanted to ask you all how you learn about stuff u dont know already and have no idea about how or what u can do with these
Hoping to get some help in dm
Appreciate any help
thnk u

I’m in the same spot, can anyone give me any nudge?

Thx

Is the given IP address not resolving to a server intended or is it bugged atm? I have a way around it, but if I use the given IP it redirects to laboratory.htb which doesn’t have an IP address associated to

@msimonelli said:

Is the given IP address not resolving to a server intended or is it bugged atm? I have a way around it, but if I use the given IP it redirects to laboratory.htb which doesn’t have an IP address associated to

Have you added things to your hosts file?

@TazWake said:

@msimonelli said:

Is the given IP address not resolving to a server intended or is it bugged atm? I have a way around it, but if I use the given IP it redirects to laboratory.htb which doesn’t have an IP address associated to

Have you added things to your hosts file?

No, should I have? (I don’t think I should need to?)

It’s a pretty common thing to need to edit your hosts file.

@tyrantwave said:

It’s a pretty common thing to need to edit your hosts file.

alright welp that fixed it but I’m still completely stuck on the actual challenge. any nudges?

@msimonelli said:

No, should I have? (I don’t think I should need to?)

google SNI, go back to your nmap scan