Malone5923

Comments

• Finally rooted this box. This are my thoughts. USER 1. Enumerate the web directories using anything but gobuster. Be recursive if you must. 2. When you get your first creds play around with the username. Alias for root is what? 3. Some people used …

  in Luke Comment by Malone5923 June 2019
• Type your comment> @peek said: > Type your comment> @guly said: > > Type your comment> @peek said: > > Im gonna wait for the ippsec video. Im wondering if english skills/culture is needed ? >…

  in Unattended Comment by Malone5923 April 2019
• Type your comment> @peek said: > is the md5 a troll ? I think it is. I have tried all possible combinations I could think of and converted them to md5. Got nothing, but I might be wrong. DB doesnt give much info to move as expected.

  in Unattended Comment by Malone5923 April 2019
• Type your comment> @FlameOfIgnis said: (Quote) This wouldnt make sense to anyone until you get to that brick wall and you are trying to get pass it, neither does "watchmaker" @mprox . How you guys come up with stuffs like this shocks m…

  in Unattended Comment by Malone5923 April 2019
• Type your comment> @7355608 said: (Quote) You dont need pro for that. You can use the community version or just use curl with some bash scripting.

  in Unattended Comment by Malone5923 April 2019
• Type your comment> @0PT1MUS said: (Quote) Yeah. I am also stuck at this point.

  in Unattended Comment by Malone5923 April 2019
• Enumerate the site, note they got hacked recently.

  in Unattended Comment by Malone5923 April 2019
• Found ftp creds. No idea were to use them lolz

  in Unattended Comment by Malone5923 April 2019
• Box now rated 7.5 in difficulty after 2 user owns lolz.

  in Arkham Comment by Malone5923 March 2019
• Type your comment> @markajbell said: (Quote) Same here. I have been trying several passwords no luck.

  in Arkham Comment by Malone5923 March 2019
• Really good review @21y4d . I like the fact you wrote from a pro HTB member perspective. Thank you for this. I will also appreciate a PM of your pivoting notes as I am taking the exam next month and this will be usefull to me.

  in OSCP Exam review "2019" + Notes & Gift inside! Comment by Malone5923 March 2019
• Type your comment> @sillydaddy said: (Quote) I just got user and I still cant understand your hint. Some of the hints posted in the forums for machine are so vague that they should have stayed in the poster's head cause its meant for him only.

  in Fortune Comment by Malone5923 March 2019
• Honestly I'm shocked at this. The hints we usually get are vague in here. So I wonder what must have conspired for someone to send a detailed walkthrough. Honestly I don't believe your post and I don't see any reason why you should like either.

  in Hackthebox ( Active Machine Spoilers ) Comment by Malone5923 March 2019
• Type your comment> @sesha569 said: > What is the start date or ETA for this feature? just out of curiosity... I would also like to know.

  in The Future of VIP Comment by Malone5923 March 2019
• Type your comment> @1NC39T10N said: (Quote) Fantastic hint. I made a mistake in not using ls -la this cost me some precious time for getting the creds.

  in Netmon Comment by Malone5923 March 2019
• Honestly I think it's an overkill.

  in Machine discussion proposal Comment by Malone5923 March 2019
• I did notice a mistake last 2 weeks I think when netmon was suppose to become active. It was changed at the last minute.

  in Why is Carrier Machine still on the Active list? Comment by Malone5923 March 2019
• Ypuffy, Active were great machines as well and I learnt a lot from them so did a lot of members here. This didn't change the fact that they were all retired. So why is Carrier any different?

  in Why is Carrier Machine still on the Active list? Comment by Malone5923 March 2019
• It is for some. I'm just wondering if the normal flow for moving an active machine to retired as changed. That's the whole point of creating this thread. I expect the Mods to say something about this.

  in Why is Carrier Machine still on the Active list? Comment by Malone5923 February 2019
• What I just want to know is when would this box be retired lolz? I just want to read the write up for root. It should have been retired last week instead of ypuffy according to the normal flow.

  in Carrier Comment by Malone5923 February 2019
• I just used this tool last night and it awesome. Keeping information in a concise manner. I recommend l2 though. I was able to use the tool to get a hint for privesc in an active machine.

  in New linux smart enumeration tool Comment by Malone5923 February 2019
• A subtle hint for root. https://youtu.be/i5h_q7s6pWI

  in Querier Comment by Malone5923 February 2019
• @sportsfreak Impacket has a tool for that. Thanks to @1NC39T10N for giving me a hint on that one.

  in Querier Comment by Malone5923 February 2019
• Rooted! This was a fun box and quite easy and straight forward if you know what to do. My tips on this box. Initial Foothold. 1. Just enumerate the open services. If for some reason your preferred tool failed try another and try again some more. I h…

  in Querier Comment by Malone5923 February 2019
• @garbo77 . String it up 😉

  in Querier Comment by Malone5923 February 2019
• Any hints on why the creds is not working for db? I have got the right uid and pass. I even specified the database name. Ill appreciate a PM.

  in Querier Comment by Malone5923 February 2019
• There is a lot of bloody ports on this box. Gobuster is getting anything either. A lot of dead ends. Keep enumerating

  in Querier Comment by Malone5923 February 2019
• Very nice tool. Uses selenium for interacting with web pages. Makes easy for noobs to understand how brute forcing works.

  in Hatch - brute force - login Comment by Malone5923 February 2019
• *Spoiler Removed*

  in Friendzone - HackTheBox Comment by Malone5923 February 2019
• @g0blin. Thanks for sorting me out. Its working fine now.

  in The Future of VIP Comment by Malone5923 January 2019
More Comments