Last Active


  • Oops, it removed the part after -p. "nmap -sC -sV -p (port to scan)"
  • What are you trying to accomplish? The $ports option doesn't belong in there (I'm not even sure it exists). If you're trying to scan specific ports it would look something like "nmap -sC -sV -p".
  • Did you verify that YOUR IP and Port are correct inside the php-reverse-shell.php?
  • Rooted, onto Cascade! PM for nudges/help. Respect greatly appreciated (and expected, as I give respect to anyone who responds to one of my messages or helps me on Discord - profile link is
  • Anyone available right now that can help me out? So close to getting root but something is just off... Want to run my process/*** payload/commands, etc by someone and see if the box is messed up or if it's me. Discord is SullyInATX#4126.
  • You can pentest on any *nix distro; Kali is just much more convenient because it includes almost every tool you need to get started, sans all of the great scripts and tools you'll find on Github (which a lot are considered mandatory).
  • Type your comment> @TazWake said: (Quote) Thanks for the tip. I'll give it a go when I get some free time... Just started Obscurity (... initial recon is looking horrible) so I'll probably go back to it then, retired or not, and try it.
    in Mango Comment by SullyInATX January 2020
  • Anyone able to pop a rev shell/root rev shell? Even though I've completed the box, I didn't accomplish everything I wanted to.
    in Mango Comment by SullyInATX January 2020
  • Also, I'm usually VERY good about "respecting" as soon as someone replies to/messages me. If I forgot to give respect and you helped me with this box, please let me know! Thank you @MrR3boot for the box. I learned a lot, on my own and more…
    in Mango Comment by SullyInATX January 2020
  • Rooted! After a brutal 4 days and LOTS of help. Couldn't have done it without guidance from @FLameDay, @peterdjalaliev, @salt, @lukeasec and most of all, @Spaxy (I'm so sorry if I've left anyone out!). Feel free to PM if you need any nudges. I've al…
    in Mango Comment by SullyInATX January 2020
  • Alright, I have an SSH connection with admin shell and have downloaded and ran LinEnum, but I have no idea what to look for to get root... Also, I'd love to pop a reverse shell. I'm used to seeing www-data shells in videos, etc. Anyway awake that ca…
    in Mango Comment by SullyInATX January 2020
  • @up2nogood You have to be patient; a lot of people are from different countries and are just on different schedules. Also, this box is what, 3 months old now? Anytime I need to message someone about a box I'm on, I click their name and check their l…
    in Mango Comment by SullyInATX January 2020
  • After 3 days and help from multiple forum members who I will tag when I get user and root flags/complete the box, I've reached the "Under Construction" page. I assumed it'd be time to move onto **H now that I've extracted creds but no matt…
    in Mango Comment by SullyInATX January 2020
  • Read every page and each comment, yet I'm just drawing blanks. Can't get past my initial recon which led to the search engine (i***x.php) and the web application @ a*******s.php. I have tried looking at the cert and nothing is jumping out at me. I h…
    in Mango Comment by SullyInATX January 2020
  • Very unfortunate for me as I was going to make a thread titled "Suggestions for Backlit Keyboard." Lol. I don't want to make anything too similar. Unfortunately I can't help with your issue but hopefully some others read this - I use a Fil…
  • Surprisingly a lot of people have to Google how to even sign up for HTB. That should be your first exercise/lesson. Just have them navigate to and tell them they have to "hack" to sign up! Will spread the word about the site,…
  • @sqw3Egl @antim4g3 I don't think the zero day finder/author of the CVE/box creator intended for his exploit to be used on this box. You need to read that article very carefully, look at all the pictures carefully, read the exploit line-by-line caref…
  • Got user and root about an hour ago. Great box ;) Took 3-4 days off and on, with a LOT of help from members here in the thread. Thank you all so much for the hints/help.
  • Made it to w**-d*** and a reverse shell with the help (and not so subtle "hint") from @harshallakare. @beorn was also a great help. Now, I guess it's onto enumeration and privesc!
  • Since the creator of the box was the one who found the zero day and wrote the CVE, I think he probably (maybe?) made it to where the script he wrote isn't supposed to work. It probably could with some heavy editing but, as I was hinted at, just read…
  • @beorn has been a great resource for help/hints but he hasn't responded for ~8 hours and I'm still stuck at the damn web API. I tried the C** e****** written by the author but it doesn't grant RCE as it's supposed to. I get errors with the parser th…
  • I'm a complete beginner at this, although I do have 15+ years of IT/networking experience (sysadmin). Trying to change fields. I was able to discover all of the files/directories. I've read every comment on every page for this box - I'm definitely a…
  • Hey everyone. Still new to all this. Ended up finishing the Access machine following IppSec's video and taking notes. Working on this one now and following along with his video exactly as he does. When he sets up his listener using N****t, I'm getti…
    in Carrier Comment by SullyInATX March 2019
  • IppSec released his Access video. Of course his nmap scan doesn't work for me.
    in Access Comment by SullyInATX March 2019
  • Damn, looks like Access got moved to retired machines over the past ~5 hours or so, but it's still available on the free servers. Edit: IppSec uploaded his Access video on YouTube. His scan doesn't work for me either.
    in Access Comment by SullyInATX March 2019
  • I've tried every nmap scan possible and all I get is filtered ports. Yes, I'm new to this and I don't care if you flame. Just here to learn. I know how nmap works, I know basic networking, I'm just not sure how to gain access and view possible open …
    in Access Comment by SullyInATX March 2019

Howdy, Stranger!

Click here to create an account.