Judging by the amount of forum traffic, @ippsec this box has been very popular especially with the newer users amongst us. Thank you.
Other box creators, if you are listening, we need more easy- and medium-rated boxes to help our new players learn their skills. And while I’m at it, we should probably have more Windows boxes to better prepare for the real mostly Wintel world.
Rooted
Stuck for the foothold , just read what is on front of you .
For the root part, check which service is running and don’t forget what was read previously. DM if you need help
This is my first time on HTB, although this machine seemed very straight forward I kept running into walls where things wouldn’t behave as expected which made me over think it. After walking away for a day I decided to look up some tutorials, all of which did exactly what I did but they got different results which allowed them to move forward. Can I dm someone to talk about this more? I’m a noob and I’m sure I’m just missing something so I have some noob questions that are too specific for a google search unfortunately lol
This is my first time on HTB, although this machine seemed very straight forward I kept running into walls where things wouldn’t behave as expected which made me over think it. After walking away for a day I decided to look up some tutorials, all of which did exactly what I did but they got different results which allowed them to move forward. Can I dm someone to talk about this more? I’m a noob and I’m sure I’m just missing something so I have some noob questions that are too specific for a google search unfortunately lol
For most of machines that i’ve done this was a very good and easy one. Some others easy are very more difficult than this one.
A big thanks to @ippsec for the work on this one.
For people who need a nudge MP me.
PS : This is a very good one machine for beginners
does anyone have any advice with how to crack the hashes with ht? I have tried a lot of variations and rules, but nothing. also, new to ht “variations”.
@blanks said:
does anyone have any advice with how to crack the hashes with ht? I have tried a lot of variations and rules, but nothing. also, new to ht “variations”.
Does the email actually send for the verification part? Im confused about this because i have never received one. . i have the exploit but in order to “activate” it i need an account.
I have user but had to watch a video tutorial (sorry to say). I’m curious if others can share how they enumerated (private if you would). I used traditional nmap, nikto, dirbuster, and searchsploit for what I was finding and got no where. I did not find this intuitive at all. The most helpful hint of all was the h***s file hint. Again, my first hack, and definitely learned trying too hard is not the way to go.
I have user but had to watch a video tutorial (sorry to say). I’m curious if others can share how they enumerated (private if you would). I used traditional nmap, nikto, dirbuster, and searchsploit for what I was finding and got no where.
If you visit the page, the information is there.
I did not find this intuitive at all. The most helpful hint of all was the h***s file hint. Again, my first hack, and definitely learned trying too hard is not the way to go.
Dont focus too much on tools. Opening a site in a web browser is often very effective.
Rooted. This was a nice fun machine, but it did highlight a serious problem that is very common. @ippsec, great machine, and looking forward to many more.