MY GOD, all those 502, 422 and 429 errors made this machine 10 times harder than it should.
Because I was getting a strange 422 error when I attempted to register a user, I went down a rabbit hole and with no cool drugs to make the trip worthwhile, only my ever-increasing rage and frustration to help me power through.
I tried to brute force a user and that, of course, got me banned
After that I went on a graphql site seen trip, only to find out that I just needed to register regularly half a day later …
I thought that I was going to lose my mind with this machine, but then I found a french-omelette-cheese-recipe in the ■■■■ Gitlab and I knew that it had already happened.
Cherry on top, another user put the same root payload in the same place that mine at the right time to mind f*ck me one last time.
Ahhh this is going to leave a mental scar; I’ll probably get an eye twitch every time I see a Gitlab from now on.
Any way, jokes aside, I got root. PM if you need help. The tips here helped me a lot.
Good box, I definitely went down some bad rabbit holes from the get go. Took me far too long to go from foot to user; I even saw what I was supposed to do early on but got sidetracked. However, I’m stuck on the user->root. It’s one of those obvious things… but I just can’t see it for the life of me. PMs appreciated if anyone has any tips.
Many of you are talking about deploying a similar environment locally but I managed to obtain a reverse shell and ended up in a d***** c******** as user g** without doing so but no flag so my next step is to find a way out of the c********. Is it a rabbit hole or someone managed to do the same and obtain root access ?
Been reading through comments about a G**** page…but I for what ever reason cannot seem to find this. I have used ffuf and dirb big.txt to scan through the web directories.
The directories i am finding dont seem to have anything that I recognize, or theyre full of media items that I used a secret dinosaur program to try and find hidden files, but that also has not helped.
Can I get a nudge in which direction to start looking?
ps I also looked at the service version of the webpage on google but exploits dont seem to work with ms. F
I am at a loss and wonder if this is one of those boxes involving something I have never heard of.
Been reading through comments about a G**** page…but I for what ever reason cannot seem to find this. I have used ffuf and dirb big.txt to scan through the web directories.
The directories i am finding dont seem to have anything that I recognize, or theyre full of media items that I used a secret dinosaur program to try and find hidden files, but that also has not helped.
Can I get a nudge in which direction to start looking?
Double check your nmap output. If it isnt there try running nmap with -sC -sV options.
Been reading through comments about a G**** page…but I for what ever reason cannot seem to find this. I have used ffuf and dirb big.txt to scan through the web directories.
The directories i am finding dont seem to have anything that I recognize, or theyre full of media items that I used a secret dinosaur program to try and find hidden files, but that also has not helped.
Can I get a nudge in which direction to start looking?
Double check your nmap output. If it isnt there try running nmap with -sC -sV options.
Alternatively, inspect certificates closely.
Thanks. I used sv in nmap but not sc so I was completely lost on this. also the certificate thing was a new one for me. Thanks again.
Hey there, i think i found the right exploit and i modified something in order to make it work, i’m still stuck in the part where it download the shell, i’m trying to use the lfi/rce of the service, someone can give me some hints?
Finally rooted this. What a ride. Willing to PM nudges if needed
This was the hardest “easy” box I’ve come across but not by design.
There were some stability issues as well that made it difficult to get a grip on things. I’m reasonably certain there’s some people who try to brute force things on HTB. Tsk Tsk. That’s not what this site is about.
Looking back I’m not sure why it was so hard. I guess because the attack vectors I’d found did not work as expected and required tweaking. It’s technically not that complicated but was hard to execute for certain reasons.
Foothold was tougher than it should have been but not by design. For some reason the obvious method of getting in didn’t work for me until I made some adjustments. This initially put me off making me think I was barking up the wrong tree.
User. Even after stealing the info I needed to become user I had trouble, again on my end, making it work. Again it seemed like I’d gone wrong somewhere but I needed a little new line char to fix the issue.
Root was a textbook standard beginner type exploit but you need to have your reading glasses on to find it. Tip: enumerate in detail and don’t just look for the easy stuff. It’s right there in the output of your fave enumeration tool.