Last Active


  • Before you do OSCP, you will never know, whether you are ready for it. Once you are in the labs, you will realize, that 70 machines on vulnhub is absolutely enough. The labs are kind of different than HTB and vulnhub, but you should already have a …
  • Just rooted this box - I liked the way of rooting. I've lost hours and hours on the initial foothold, although it was so simple in the end and I'm still banging my head. Keep it simple for the initial foothold. User: should be straight forward, eve…
  • Whoops! Thank you very much for catching this - I'll correct it!
  • Despite other opinions, I really liked this machine! Thanks to @sahay PM me, if hints are needed
    in Chaos Comment by 0x23b January 2019
  • (Quote) I'm more or less at the same spot, but haven't even got the idea of compiling and trying to BOF locally. But my question is regarding the access over the panel. The file states, it is accessible. But the pages I have access to, do not offer …
    in Redcross Comment by 0x23b November 2018
  • (Quote) That was exactly the info I needed! Thank you!
    in Vault Comment by 0x23b November 2018
  • Does someone has a good guide on pivoting, especially bypassing firewalls?
    in Vault Comment by 0x23b November 2018
  • Hi all, hopefully someone can explain me something via PM. I accessed the host but landed in a random hostname (I know what that thing was) - After poking around I found nothing and disconnected. Few minutes later I accessed the host again and lande…
    in Zipper Comment by 0x23b October 2018
  • (Quote) In the command what are the parameters used for? Check the man pages ;-)
    in Curling Comment by 0x23b October 2018
  • Root was quite fun and a lot more easier, than getting the user imho once you get the idea! Ping me, if help is needed! Thanks @snowscan for this great box!
    in Dab Comment by 0x23b September 2018
  • There is one single interesting port I found with the s****t thing, which returns the version. Whenever I try to send some parameters over the line to it, I get "suspected hacking attempt". I already tried bypassing, but not successful... …
    in Dab Comment by 0x23b September 2018
  • As mentioned before, root is pretty strait forward, once you discover the feature, which was just added to Windows 10. You don't have to execute it - think about it..
    in SecNotes Comment by 0x23b September 2018
  • Besides the poison like privesc, there is also another way to get root! Finally got it!
    in Hawk Comment by 0x23b September 2018
  • Just rooted! Thanks to the author for this great box. It's my favorite since so far. The user acces was the whole time just under my hand, but I was too focused on RCE. Rooting is easy once you have user acces.
    in Canape Comment by 0x23b August 2018
  • Finally got root after more than 3 weeks. Lesson learned from this box: Powershell reverse shell is not the same as meterpreter reverse shell O_ô
    in Bounty Comment by 0x23b August 2018
  • I am still working for several days now on this box, trying to get a shell running. I've tried several ways, but none of them work. My meterpreter shell gets the connection but quits after "Sending stage", another reverse shell closes also…
    in Bounty Comment by 0x23b July 2018
  • (Quote) Think of ways, how you can login to a machine. You don't have to pop a reverse shell.
    in Dev0ops hints Comment by 0x23b July 2018
  • (Quote) Do you have any hints for people, who do not have your OSCP notes? I got the idea, how to upload the file and what is necessary to execute it. But can't manage to embed the payload within that particular file and have launch a reverse shell …
    in Bounty Comment by 0x23b July 2018
  • Rooted! Once you find the vulnerable service, just try to play around with the format. Craft a valid file, before even going for the exploit. If you have a working format, the server will accept it. Then you can go and play with the payload. With a…
    in Dev0ops hints Comment by 0x23b July 2018
  • Rooted! PM if hints are needed
    in Jerry Comment by 0x23b July 2018
  • Finally rooted! It took me days to get user access, because I was too dumb, skipping the basic enumeration and going directly to the exploit. 1) Do the basic enum first! You will find something interesting. 2) The exploit will return you some help…
    in Valentine Comment by 0x23b June 2018
  • Just rooted a few minutes ago. I used the python exploit and generated a shellcode with msfvenom. You don't need to change the encoding but the payload. You can also give the payload some parameters like host and port. Read, how you can use msfvenom…
    in Chatterbox Comment by 0x23b May 2018
  • After several hours, I finally rooted the machine a few minutes ago. What I can add is, * forget the secret file as long as you don't know the vulnerable service. * Once you know, what is running, you can google for how to use that service. * The…
    in Poison Comment by 0x23b May 2018
  • there is one interesting password in the file. look at the format and think about, what you can do with it on a windows machine.
    in Jeeves Comment by 0x23b May 2018
  • > @lokori said: > Look harder, it is there. The Lord of Jeeves sees all — his gaze pierces cloud, shadow passwords, earth and systems. Amazing, it's really there! Thank you sir!
    in Jeeves Comment by 0x23b April 2018
  • Got root, but stuck on finding root.txt. Any hints on going deeper? Is it somewhere under Administrator folder and I'm not seeing it?
    in Jeeves Comment by 0x23b April 2018

Howdy, Stranger!

Click here to create an account.