Official ScriptKiddie Discussion

edit: That was easier than I thought it was going to be.

User: took me longer than it should have because I was for sure the method I was trying to get a foothold was the correct method, but I just couldn’t get it to work

Root: pretty straightforward and obvious

Type your comment> @B3LL470R said:

Anyone else having issues with the box? I assume the servers are just begged down

I am not able to use the release area VPN connection … it’s just getting connection resets. The other VPN connection (ProLab, regular machines) work.

Did I ever mention that I’m horribly bad, when it comes to web? And this supposedly easy machine proves me right, again :lol:

(so this is how a machine release look like haha! silent and intense)
why shoutbox and machine page not showing same result regarding bloods im confused

thx for the box! got user :slight_smile: , searching for root now … (easy seems to be easy again…)

hat some issue with getting ip on “Release Arena” switch after some failure to my default vpn environment … < is this an issue or iam doing something wrong her ( download vpn pack spawn vm …tried to connect…)

have fun :slight_smile:

Can anyone please give me a hint?

Can anyone give me a hint for bypassing the fi****?

started to teach my kid HTB - would this be a suitable box for an absolute beginner? We gonna do it together tomorrow.

just realized I missed my only chance for first blood in a year :smiley: :smiley: lol rofl

If someone is able to give me a hint for foothold, I’d appreciate one.

Try harder.

Thought I’d blow past this one but stuck at foothold :confused:

Do we need to go after the upload? I can’t seem to find mine. Tried tinkering with other fields but to no avail.

EDIT: just rooted. this box is really meta. Jesus

any possible hints? 3 hours lead to nothing so far :sweat_smile:

Got user, but am I barking up the wrong tree with s—l----s.s-? I’m pretty confident I have a helpful input line, but I don’t see what triggers s—l----s.s- to execute. My line is just sitting there and the lines don’t seem to be being blanked out. (I can trigger the thing add its own ‘normal’ lines, too, but I can’t seem to trigger s—l----s.s- to read it…)

EDIT: Oops; I realize now that I broke it when I was poking around. In case anyone else makes the same mistake I did, just make sure you don’t accidentally delete/recreate the file that it’s reading. (I didn’t realize it was being triggered by in—n.) Rooted; fun box, thanks!

Must be missing sth… take longer than expected on foothold. Can anyone give me a nudge?

EDIT: rooted. could’ve done faster but anyway. Thanks 0xdf for creating the box.

the server executes commands based off of user input. think of exactly what commands are being run on the server (with arguments), and search for vulns from there

rooted! Good easy box. Thanks 0xdf :slight_smile:

Can someone give me a bump? i think im making foothold harder then it has to be. Did you need to use burp?

Nop burp is not used here

Got user. Any hint for the next step?

Any have a link can be useful or the link can give more information about the attack vector?
Thanks.