Official Laboratory Discussion

Type your comment> @0xc45 said:

Good luck, have fun all!

Rooted, I’m going to hang myself, thank you :confused:

(you can pm me here or on discord : Peter Pan#9999)

Ok so I got the secret file.
Could use a little nudge here moving forward with the payload.

Thanks

Type your comment> @aimforthehead said:

Ok so I got the secret file.
Could use a little nudge here moving forward with the payload.

Thanks

I ran a Docker instance of same version G----b with much Google’ing and going through the docs since not familiar with its back-end operation. Takes time but you can re-create close enough to the same environment using that file you found. If you look at the headers there’s something unique in there that you can now forge. You’ve probably come across the bug report that got you that file, keep reading down the page. You’ll know it when you see it.

Foothold

The map will reveal the way.
For the rest…
On a completely unrelated note, @zot suggestion on pg 4 if fire.

User

Record are meant to be changed with the right console.

Root

If you blink twice you might miss it. No peas necessary.
What is it really doing?

There is already a ton of good stuff in this thread. I hope this helps someone.

PM for a nudge.

Just rooted the box!

root@laboratory:~# whoami && hostname
root
laboratory

I have completed 53 machines after completing this one, and I will say this was probably the worst for being rated incorrectly. I am wondering how the decision is made to provide a rating for the machines. I would like more insight into that.

I’m not complaining about the machine itself. I actually really enjoyed it!! Great box @0xc45 !!

As always, DM if you need a nudge.

any nudge for user i find something important from user attributes but it’s encrypted

Haven’t had much time to work on this one, but every time I do, I get 502s on the g**.*******. page

Resets dont’ work. At first a server change worked, but now it doesn’t, and I’m too lazy to keep changing it until it works.

I think I’ll just move on from this one for now, lol.

Type your comment> @Skyr00 said:

any nudge for user i find something important from user attributes but it’s encrypted

maybe you can replace this important thing with something else ? :slight_smile:

@pizzapower said:
Haven’t had much time to work on this one, but every time I do, I get 502s on the g**.*******. page

Resets dont’ work. At first a server change worked, but now it doesn’t, and I’m too lazy to keep changing it until it works.

I think I’ll just move on from this one for now, lol.

Personally I was waiting 5-10 mins after a reset and the G***** was on.

Type your comment> @PeterPwn said:

@pizzapower said:
Haven’t had much time to work on this one, but every time I do, I get 502s on the g**.*******. page

Resets dont’ work. At first a server change worked, but now it doesn’t, and I’m too lazy to keep changing it until it works.

I think I’ll just move on from this one for now, lol.

Personally I was waiting 5-10 mins after a reset and the G***** was on.

Well I’ll be damned. Maybe I should learn some patience. Hahaha. Thanks!

I am working on this box and accessing to one port I receive code 502. Is it normal or reset must be done?

Hi guys, I transferred Labratory machine ownership (which I haven’t seen before) to myself. Can someone explain that to me? Like have root/Administrator never gives that option so I think it has something to do with the VM internals - is that related to the access? Apologies, n00b overhere.

Rooted. Struggled a while on the foothold after I got around all my 502 errors.

User was easy.

Root was funny because whenever i cat’d a certain file, I didn’t see what I needed to see to privesc. Idk if my terminal was messed up or something, but I was very confused because I was very confident that this was part of the privesc, but I didn’t see anything worthwhile.

Finally figured it out, though. Fun box! Thanks!

@Darvidor said:
I am working on this box and accessing to one port I receive code 502. Is it normal or reset must be done?

Look a few posts above yours.

I have issues with the box for dirbuster and nmap. Ping responses take forever too. Is it just like that or?

Gosh! I just rooted the box. I am begining with this platform and this was the hardest easy box I have found.

DM open for nudges.

Thanks to @waza and @alphaomega for guide when I was stuck.

Is there a solution for the 502 problem? Has anyone reported it to HTB?

I’m getting RCE by installing g***** on my own machine using the same s*****.yml. It seems payload is wrong… Any nudge?

@TazWake said:

Is there a solution for the 502 problem? Has anyone reported it to HTB?

From the descriptions I read in this thread, it’s probably related to slow service start, combined with people resetting the machine due to the 502 :smiley:
The service really takes its time to come up, and until then the upstream proxy will return “I can’t reach that service”

@HomeSen said:

From the descriptions I read in this thread, it’s probably related to slow service start, combined with people resetting the machine due to the 502 :smiley:
The service really takes its time to come up, and until then the upstream proxy will return “I can’t reach that service”

That kind of makes sense, although I did wait about 30 minutes before I gave up this morning (and I made sure I cancelled anyone else trying to reset it after my reset :wink: )