1337mn

file:///root/htb/boxes/craft/screenshot.png

About

Username
1337mn
Joined
Visits
224
Last Active
Roles
Member

Comments

  • ....rooted. User: 10 seconds if you did Sauna prior to this box Root: 1. roll your own evildoer 2. As mentioned, the high port likes evil tools 3. Add evildoer to Ggroups as mentioned in the atricle, and vids 4. Remember to add your evildoer to …
    in Forest Comment by 1337mn March 5
  • I used EDB in Kali. Not sure what you are referring to, but just set your breakpoints on all of the calls. A pattern will appear, then just modify once you have the generated "key". I editited stack directly and it worked.
  • I used edb in Kali. Just set all the breaks and follow the execution carefully, you will see.
  • @MinatoTW Thanks for this exercise, taught me a lot about what can be gleaned from the process, also about seeing the trees amongst the forest.
    in Heist Comment by 1337mn September 2019
  • Type your comment> @C3PJoe said: (Quote) Thanks for the comment "Think a little forensically" - rooted
    in Heist Comment by 1337mn September 2019
  • Hi Folks, Stuck on privesc - I have the db files I have dumps of the process What am I looking for? Am I in a rabbit hole? Thanks
    in Heist Comment by 1337mn September 2019
  • (Quote) I used pscp: https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html * Create a cmd session (upload nc to victim, reveres to attacking box) * Upload pscp, and use it like you would scp
    in Heist Comment by 1337mn September 2019
  • Type your comment> @azeroth said: (Quote) Use hashcat - no rules - rocking list - crack in less than a minute
    in Heist Comment by 1337mn September 2019
  • August 6 Report Spoiler @nospace 1. Did you get "all" of the creds? More than one set works. 2. If yes and it still does not work, then try reverting box. If not, continue your enum on the db
    in Craft Comment by 1337mn August 2019
  • Hi Folks, FYI I had a hard time with user on this one (after initial shell) - SSH hang. Google the exact behaviour and read all. I found a solution that works that I have never run into before.
    in Craft Comment by 1337mn August 2019
  • @algorithm You are on the right track, keep at it. I suggest adding all of what you enumerate into the hosts file. Beyond that, I am stuck at trying to make v***t work. If respect is earned, respect is given.
    in Craft Comment by 1337mn July 2019
Avatar

Howdy, Stranger!

Click here to create an account.