Official Laboratory Discussion

can anyone send me a pm to give me a nudge on initial with this please?.. thanks in advance…

Finally rooted this box. Thanks @waza and @SpawnZii for the tips. Can’t say I really enjoyed this box…it is definitely no easy box.
Foothold: requires a lot of setup but you can find information on exactly how to do it and run the exploit you need.
User: peas should find instructions to allow you to gain access.

Root: Based on all the other comments, when you find what you are looking for, focus on what it is, rather than what it is doing. I was chasing the wrong thing for a while and making it harder than it needed to be.

getting error 502 on g***** ???

getting same error from last 1 hr ???

I am getting 502 even after resets

@dmeg said:

I am getting 502 even after resets

After resetting the box, it will take quite some time, until al services are up. During that time, make sure no one else initiates a reset (check the shoutbox on the HTB site, and cancel all reset requests fro the box).

For those not interested in trying harder than you need to (this is me for this one) you dont need an elaborate setup to get the exploit for your foothold to work…just find the right CVE and google.

I’m lost trying to get root, anyone can pm me with hints?

@Nitryto said:

I’m lost trying to get root, anyone can pm me with hints?

Enumeration is the key. Find the thing with the thing set, examine it, hijack it.

any help for the laboratory machine ?

rooted!

Interesting box, full of frustrations…

Foothold - exploit chain, can be done with a script if you know what the chain is and how to search it
User - listen to your priv esc tools
Root - typical priv esc research will find this thing, if you can find it, how do you “unpack” it or “peak” into it to figure out what it does???

can i have some help?
i found the g***** page, already created/logged, also have used an F*** R*** RCE exploit, found p****d and ssh dsa.

I’ve been unsuccessful installing “rails console” on two different environments. How can I get around this?

Took me two days and help, but finally rooted. Thanks to all!

I’m stuck on G****** too!!!

rooted! finnaly! the last part to get root access really got me thinking, after a while i found something that lead me to something when i run ltr**e on that something make me gotta do evasion thing on it.

feel free to DM me if any of you guys need help.
btw @artilleryRed i’m also got that problem, because i’m using new hardware i just make sure i installed docker and docker composer properly and when i docker exec -ti **** bash ,it worked and you just simply put gitlab-rails console as command .

I was asking for some assistance on this. Then developed a test case to see if I could move further. At this point, I am a bit further along. I was just going to delete the post I did, but could only edit it… I may be back though. :smile:

yesterday got a shell as g**, and today 502 hahahaha

Type your comment> @balkan said:

yesterday got a shell as g**, and today 502 hahahaha

im stucked, i have a shell as g**, any nudge plis?

@balkan said:

Type your comment> @balkan said:

yesterday got a shell as g**, and today 502 hahahaha

im stucked, i have a shell as g**, any nudge plis?