@cutterslim said:
Finally got system…this being my first machine to learn on, I did not find it easy. I would describe easy (at least for a beginner) a machine that has less rabbit holes to run down (to limit time sinks).User: I had a few nudges. Unsure how long I’d have spent banging my head going after the wrong thing without these nudges. Things finally clicked, but for the wrong reasons, I was able to view the server access log, and I could see what other pen testers were doing that made me think of how to get my payload over to get that 1st shell
Root: spent too many hours going yet another rabbit hole (went after exploit that requires another windows machine to mount attack). When I finally ran my enumeration script on the victim machine, it gave me a wall of text, and the misconfiguration part was near the top so I kept missing it (realized I should have redirected output to a file for easier reading). I finally got the misconfig message by stopping scroll while the script ran.
Not an easy machine to learn on, but thankful for all the nudges that saved me hours of going down rabbit holes (i still spent a good 3-4 hrs a day since this machine came online). I learned a lot, but would not recommend this to a beginner unless said beginner is resilient to frustration (i feed off frustration).
It depends on your current knowledge wether you find this box easy or not,
Its a pretty basic one once you have initial foothold which is fairly easy too.
There are multiple ways to root the box so it is a good one for begginers to learn on.
Rabbit holes keep these boxes fun, frustration is part of the job but keeps it from being too easy.
![Foalma321] (https://www.hackthebox.eu/badge/image/74636)