Finally rooted this box. This are my thoughts.
1. Enumerate the web directories using anything but gobuster. Be recursive if you must.
2. When you get your first creds play around with the username. Alias for root is what?
3. Some people used …
Type your comment> @peek said:
> is the md5 a troll ?
I think it is. I have tried all possible combinations I could think of and converted them to md5. Got nothing, but I might be wrong. DB doesnt give much info to move as expected.
Type your comment> @FlameOfIgnis said:
This wouldnt make sense to anyone until you get to that brick wall and you are trying to get pass it, neither does "watchmaker" @mprox . How you guys come up with stuffs like this shocks m…
Really good review @21y4d . I like the fact you wrote from a pro HTB member perspective. Thank you for this. I will also appreciate a PM of your pivoting notes as I am taking the exam next month and this will be usefull to me.
Type your comment> @sillydaddy said:
I just got user and I still cant understand your hint. Some of the hints posted in the forums for machine are so vague that they should have stayed in the poster's head cause its meant for him only.
Honestly I'm shocked at this. The hints we usually get are vague in here. So I wonder what must have conspired for someone to send a detailed walkthrough. Honestly I don't believe your post and I don't see any reason why you should like either.
Rooted! This was a fun box and quite easy and straight forward if you know what to do. My tips on this box.
1. Just enumerate the open services. If for some reason your preferred tool failed try another and try again some more. I h…