Gn0m3h4ck3r

About

Username
Gn0m3h4ck3r
Joined
Visits
371
Last Active
Roles
Member

Comments

  • Can anyone give me a hint on getting the winrm app to work? It is constantly giving me a connection timeout issue even after box reset. Any hints would be greatly appreciated on getting this working. Or an alternative way.
    in Heist Comment by Gn0m3h4ck3r March 21
  • Thanks for both of your answers. I had already tried everything mentioned. The only thing I can think is that there is something blocking files of a certain size as I can transfer linenum.sh but I cant transfer linpeas.sh, pspy32, pspy64 or anythin…
  • Can someone PLEASE explain how to get pspy onto the machine? It continuously hangs when i try to transfer it. I have figured out what to attack to get root but im now annoyed with trying to figure out how to transfer pspy. I have tried simplehttps…
  • Im trying to download PSPY onto the machine but I seem to be having issues transferring any file onto the machine. It begins but then after about 3 seconds it hangs and the progress bar doesn't move. I have tried with SimpleHTTPServer, http.server a…
  • Type your comment> @aaaguirrep said: > Hi, I have accessed to the server with r**** user. I see that the user doesnt have permission to read the flags. Am I ok or I need to accesswith other user? You can write me dm. As with ANY HTB machi…
  • For anyone struggling to find the directory, you know what the end path is. You are only missing the parent directory. Do not just search for the parent directory. Search for an entire path fuzzing the parent directory only.
  • Please anyone help with directory fuzzing. I have tried reading the webpage, the specific error message, tried to do it manually, tried with burp intruder, wfuzz, ffuf, gobuster with all different extensions but I honestly can't find ANYthing... Pl…
  • can someone please help me understand which user to place the ssh key into? I have tried creating my own user to no avail. I have tried with users I expect may be on the box again to no avail. Please someone help me out. EDIT: woohoo! Figured it o…
    in Postman Comment by Gn0m3h4ck3r January 8
  • Could anyone give me a slight push in the correct direction? I have tried two ports, multiple exploits, directory fuzzing, manual exploitation and nothing seems to be taking a hold. With one port I am getting read-only slave. With the other there i…
    in Postman Comment by Gn0m3h4ck3r January 8
  • Type your comment> @h4kr said: (Quote) I did Mr J first and then post root, went back and did that faster shortcut. I think it was more fun doing it the long way though. This was one of my favourite boxes. Easy but still gets you thinking how a…
  • Im sure you could get your own msfvenom one to work if the format is python. But I was trying it on my machine first when my kali is 64 bit and the shellcode was a 32 bit code.
  • Disregard. 64 vs 32...
  • Could someone PM me about initial foothold? I know what I need to do but have never played around with this so unsure how to get it to pull off my server for upload.
  • Type your comment> @Impulse said: > Quite confused by your question really... > U start this discussion with the title to speed up vm but instead commenting about the internet speed 🤔🤔 You’re confused about my question? If you read …
  • I don’t think so @SaThaRiel74 because IPPSec has made mistakes in videos before and the way he talks when he makes that mistake it’s like it is actually happening. Or else he would be like “here I made this mistake, blah blah blah”. Instead he’s lik…
  • I am vip and nowhere near as fast as IPPSec.
  • I’m thinking that because IPPSec is their trusted walkthrough provider that he gets a better VPN with higher allocated bandwidth.
  • I wonder if it is something to do with processors... I’ve upped my ram to 4gb.. don’t know whether to up it again to 6-8gb ram. Not sure if that would make much difference. I have a 16gb ram 8 core laptop so I can dedicate more to it but would p…
  • The fact they have mentioned Documentation might mean that you were not thorough enough in detailing how you exploited each machine. They need to be able to replicate exactly what you did and get the same results. If they follow your exploitatio…
  • Rooted this earlier. Very frustrating box but learnt quite a bit thanks to @s1mpl3 Tips for ROOT: Once you are banana, research ELK, pay attention to the three files and understand regex. These were my silly mistakes that made this box take a lot l…
  • Has anyone got a good guide for grok? I can't seem to find the correct syntax for these specific commands...
  • Can someone help me out with a little nudge on K******* user? I am trying to run the LFI but it is not working for me... I can't figure this out.
  • Could someone give me a hand on cracking the password please? I am having ALOT of issues cracking them even though its saying I have successfully cracked them..
  • So I am currently s******y user. I have used pivot to get to the k****** app so I can access the console. Do I need to do this? The LFI online doesn't make much sense to me. Any pointers would be greatly appreciated.
  • Is brute force needed for that image? I have found the password in the db dump, no username though. Looked through two directories. Gobuster and dirbuster running for an hour and nothing else found. A little nudge would be appreciated if I’m not on …
  • Got root. Third box I cracked in one day. Learnt a lot!
  • Thanks @DrDrizzyT for the nudge without giving too much away. I understand why everyone was so let down by root... could have been a few ways to make that more interesting but the learning of curl for json web tokens was worth putting in the effort.…
    in Luke Comment by Gn0m3h4ck3r August 2019
  • Damn I was pulling my hair out trying to get that JWT curl command to work but a quick play around with end points and removing something that was not required returned a successful token! Ecstatic!
    in Luke Comment by Gn0m3h4ck3r August 2019
  • [email protected]:/# Anyone having issues with it, message me. I will give you some decent hints as I ran into all the bugs and all the rabbit holes that you can think of. Googled the right things with the wrong answers. Learnt quite a bit though so at…
  • .
Avatar

Howdy, Stranger!

Click here to create an account.