I have completed 53 machines after completing this one, and I will say this was probably the worst for being rated incorrectly. I am wondering how the decision is made to provide a rating for the machines. I would like more insight into that.
I'm not complaining about the machine itself. I actually really enjoyed it!! Great box @0xc45 !!
Hi guys, I transferred Labratory machine ownership (which I haven't seen before) to myself. Can someone explain that to me? Like have root/Administrator never gives that option so I think it has something to do with the VM internals - is that related to the access? Apologies, n00b overhere.
My thanks for any and all help; it is appreciated!
Rooted. Struggled a while on the foothold after I got around all my 502 errors.
User was easy.
Root was funny because whenever i cat'd a certain file, I didn't see what I needed to see to privesc. Idk if my terminal was messed up or something, but I was very confused because I was very confident that this was part of the privesc, but I didn't see anything worthwhile.
Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.
Currently have very limited HTB time but will try to respond as quickly as possible.
Is there a solution for the 502 problem? Has anyone reported it to HTB?
From the descriptions I read in this thread, it's probably related to slow service start, combined with people resetting the machine due to the 502
The service really takes its time to come up, and until then the upstream proxy will return "I can't reach that service"
From the descriptions I read in this thread, it's probably related to slow service start, combined with people resetting the machine due to the 502
The service really takes its time to come up, and until then the upstream proxy will return "I can't reach that service"
That kind of makes sense, although I did wait about 30 minutes before I gave up this morning (and I made sure I cancelled anyone else trying to reset it after my reset )
Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.
Currently have very limited HTB time but will try to respond as quickly as possible.
Ah okay. Well, 30 minutes would be a tad bit too much, though. Maybe someone killed the service (or one of the dependencies) in the meantime.
But yea, it sounds really odd.
Hi guys, I transferred Labratory machine ownership (which I haven't seen before) to myself. Can someone explain that to me? Like have root/Administrator never gives that option so I think it has something to do with the VM internals - is that related to the access? Apologies, n00b overhere.
Completely unrelated to root or admin access. It's for the website to track if you have an active machine/so you have control over resets and extension.
Rooted the machine,
Initial foothold was difficult because you need to setup your own local instance to generate the payload.
Thanks @cmoon for giving me nudges
PM if you need help
Practically impossible to work on this box, at least at this time in the evening. It keeps being reset every half hours.
Edit : I tried to recreate the environment inside a VM. I followed to the letter every step written on the official docs both for G***** and D*****, but I still can't get it to work (the browser just hangs). If anyone has a good link that explains in details how to set everything up so I can work on some tests, that'd be great
I had to resort to changing servers over and over again until I found one that had a working webpage.
Possibly too late to be helpful now, but I really think its better if people report things like this via a jira ticket.
If you have to change servers, then it implies something on the original server is broken and it isn't being fixed by a reset. It frustrates me that it is becoming more and more common but HTB wont ever become aware of it unless people tell them.
For me, this box was so problematical I nearly gave up. After raising a ticket (and sadly simply being told "its working for us, maybe you should reset it") I went back on the box and it was finally working.
I did have to cancel a lot of resets while I was working on it though.
Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.
Currently have very limited HTB time but will try to respond as quickly as possible.
Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.
Currently have very limited HTB time but will try to respond as quickly as possible.
I had to resort to changing servers over and over again until I found one that had a working webpage.
Possibly too late to be helpful now, but I really think its better if people report things like this via a jira ticket.
If you have to change servers, then it implies something on the original server is broken and it isn't being fixed by a reset. It frustrates me that it is becoming more and more common but HTB wont ever become aware of it unless people tell them.
Probably should have on this one but I figured I was just too impatient. Definitely done that before
Yeah this was a very nice box! Took a lot of effort to get everything right. I agree not easy... for now... I had some insights that it will become quite easy in the near future.
Though if you want to learn keep doing it in this difficult intended way! Thanks and kudos to the creator!
Comments
Just rooted the box!
I have completed 53 machines after completing this one, and I will say this was probably the worst for being rated incorrectly. I am wondering how the decision is made to provide a rating for the machines. I would like more insight into that.
I'm not complaining about the machine itself. I actually really enjoyed it!! Great box @0xc45 !!
As always, DM if you need a nudge.
OSCP | CISSP | CSSLP
Respect always welcome if I can help you: https://www.hackthebox.eu/home/users/profile/140630
any nudge for user i find something important from user attributes but it's encrypted
Haven't had much time to work on this one, but every time I do, I get 502s on the g**.**********.*** page
Resets dont' work. At first a server change worked, but now it doesn't, and I'm too lazy to keep changing it until it works.
I think I'll just move on from this one for now, lol.
Type your comment> @Skyr00 said:
maybe you can replace this important thing with something else ?
@Peter Pan#9999 on discord
Personally I was waiting 5-10 mins after a reset and the G***** was on.
@Peter Pan#9999 on discord
Type your comment> @PeterPwn said:
Well I'll be damned. Maybe I should learn some patience. Hahaha. Thanks!
I am working on this box and accessing to one port I receive code 502. Is it normal or reset must be done?
Always happy to help you. Don't forget to give me respect.
Click here to access my profile.
Discord user: darvidor#2989
Hi guys, I transferred Labratory machine ownership (which I haven't seen before) to myself. Can someone explain that to me? Like have root/Administrator never gives that option so I think it has something to do with the VM internals - is that related to the access? Apologies, n00b overhere.
My thanks for any and all help; it is appreciated!
Rooted. Struggled a while on the foothold after I got around all my 502 errors.
User was easy.
Root was funny because whenever i cat'd a certain file, I didn't see what I needed to see to privesc. Idk if my terminal was messed up or something, but I was very confused because I was very confident that this was part of the privesc, but I didn't see anything worthwhile.
Finally figured it out, though. Fun box! Thanks!
Look a few posts above yours.
I have issues with the box for dirbuster and nmap. Ping responses take forever too. Is it just like that or?
My thanks for any and all help; it is appreciated!
Gosh! I just rooted the box. I am begining with this platform and this was the hardest easy box I have found.
DM open for nudges.
Thanks to @waza and @alphaomega for guide when I was stuck.
Is there a solution for the 502 problem? Has anyone reported it to HTB?
Note: https://www.nohello.com/
Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.
Currently have very limited HTB time but will try to respond as quickly as possible.
I'm getting RCE by installing g***** on my own machine using the same s*****.yml. It seems payload is wrong... Any nudge?
@TazWake said:
From the descriptions I read in this thread, it's probably related to slow service start, combined with people resetting the machine due to the 502
The service really takes its time to come up, and until then the upstream proxy will return "I can't reach that service"
GREM | OSCE | GASF | eJPT
@HomeSen said:
That kind of makes sense, although I did wait about 30 minutes before I gave up this morning (and I made sure I cancelled anyone else trying to reset it after my reset
)
Note: https://www.nohello.com/
Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.
Currently have very limited HTB time but will try to respond as quickly as possible.
Ah okay. Well, 30 minutes would be a tad bit too much, though. Maybe someone killed the service (or one of the dependencies) in the meantime.
But yea, it sounds really odd.
GREM | OSCE | GASF | eJPT
Type your comment> @junglemonkey said:
Completely unrelated to root or admin access. It's for the website to track if you have an active machine/so you have control over resets and extension.
Rooted the machine,
Initial foothold was difficult because you need to setup your own local instance to generate the payload.
Thanks @cmoon for giving me nudges
PM if you need help
Am I the only one who still got the 502 ?
> Am I the only one who still got the 502 ?
I had to resort to changing servers over and over again until I found one that had a working webpage.
Practically impossible to work on this box, at least at this time in the evening. It keeps being reset every half hours.
Edit : I tried to recreate the environment inside a VM. I followed to the letter every step written on the official docs both for G***** and D*****, but I still can't get it to work (the browser just hangs). If anyone has a good link that explains in details how to set everything up so I can work on some tests, that'd be great
@aimforthehead said:
@cmoon said:
Possibly too late to be helpful now, but I really think its better if people report things like this via a jira ticket.
If you have to change servers, then it implies something on the original server is broken and it isn't being fixed by a reset. It frustrates me that it is becoming more and more common but HTB wont ever become aware of it unless people tell them.
For me, this box was so problematical I nearly gave up. After raising a ticket (and sadly simply being told "its working for us, maybe you should reset it") I went back on the box and it was finally working.
I did have to cancel a lot of resets while I was working on it though.
Note: https://www.nohello.com/
Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.
Currently have very limited HTB time but will try to respond as quickly as possible.
@dragonista said:
If you are on the new "Beta" interface, it alerts you to a user trying to reset a box you are working on and you can try to reject it.
However, the 502 error means lots of people will think they need to reset rather than wait.
Note: https://www.nohello.com/
Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.
Currently have very limited HTB time but will try to respond as quickly as possible.
Probably should have on this one but I figured I was just too impatient. Definitely done that before
Just rooted it. Definitely shouldn't be rated easy. Feel free to pm me for a hint but make sure you're prepared to tell me what you've tried.
Yeah this was a very nice box! Took a lot of effort to get everything right. I agree not easy... for now... I had some insights that it will become quite easy in the near future.
Though if you want to learn keep doing it in this difficult intended way! Thanks and kudos to the creator!
If anyone of able to give a nudge on how to get the reverse shell, payloads don't seem to be working
nvm rooted
i have user and im trying to send d****r-s******y to my attacker machine, and nothing is working. I tried scp, wget, and curl.
@krisp33 said:
When you can’t send it, try to rather pull it
GREM | OSCE | GASF | eJPT