New video up:


Last Active


  • I've not used commando VM myself but assuming they're using WSL for the kali linux part, just type "wsl" in command prompt and it should launch you into the kali shell
  • Type your comment> @rub1ks said: (Quote) yeah one of the first machine's I ever did on here used the same initial foothold method and I had to ask someone to give me a hint. Its one of those things you either already know about and just give it …
    in Sauna Comment by VbScrub June 26
  • @japh42 glad to hear you got it done and the videos helped clarify things :) btw did you get a reply from the support ticket? I'm curious if they're still telling people its not a problem for anyone else despite loads of people reporting it now
    in Sauna Comment by VbScrub June 25
  • @zaicurity I wouldn't say you should aim to have NO open ports on your public IP. If you have an on site mail server you're going to need port 25 open. If you want to be able to connect with a VPN, you're going to need a port open for that, etc. Yes…
  • Type your comment> @LukuRajad said: (Quote) The reg version of that username doesn't actually exist anywhere and therefore that reg key wouldn't actually do what its meant to. I assume its a mistake from the box author (or perhaps just a little …
    in Sauna Comment by VbScrub June 24
  • t> @rub1ks said: (Quote) That was the idea so I'm glad to hear that :)
    in Cascade Comment by VbScrub June 23
  • The firewalls you're talking about are on a per computer basis - what you really need (and I suspect you already have) is a network firewall that separates your entire network from the internet. Presumably you have something like this that was forwa…
  • I don't think there's anything like that at the moment no, but yeah it would be nice. I guess the reason they don't do it is because everyone has just got used to the fact one new machine comes out on Saturday every week
  • Like @TazWake says a lot of it is going to depend on your exact environment and requirements. Honestly I don't think its something you can really get an answer to on the internet just by posting a question like this. I think if you're serious about …
  • @notdeltron64 there's 30 pages of nudges here. If those aren't enough and you need a spoiler, there's also now loads of write ups available because the machine was retired.
    in ServMon Comment by VbScrub June 22
  • Thanks for the script, will check it out :) FYI technically that backup privilege isn't an "AD privilege". Its just a local machine priv that exists on all non domain machines as well, like every other privilege shown here: https://docs.m…
  • (Quote) It is retired. There's just a grace period of a week or something where retired machines are still available to non VIP users. As for why it got retired earlier than others, I guess just the review scores. It had the lowest score out of all…
    in ServMon Comment by VbScrub June 21
  • Finally got round to trying to get root on this and was successful fairly quickly (once I'd rewritten one of the PoC tools in VB of course). Pretty much just look at what your account is allowed to do, google it, and you'll find some examples and co…
  • (Quote) Try to use a wordlist with common passwords (like rockyou.txt) with your password cracker, rather than just full on brute forcing
    in Sauna Comment by VbScrub June 20
  • (Quote) Will send you a PM to explain
    in Sauna Comment by VbScrub June 19
  • (Quote) Trouble is for me that's not true. When I access S** or L*** with the new credentials, I get kicked out as soon as the password gets reset. Guess I need to look at connecting in some other way. EDIT: Managed to just do quick enum between pa…
  • Is it just me or does something constantly reset the passwords of the account(s) that we have a password for? The passwords need to be changed, so I change the password and can successfully access some things but literally 20 seconds later it has ch…
  • man this initial foothold is really kicking my ass lol seems like we only really have access to one thing and its a very basic thing that doesn't seem to expose any useful info other than a few usernames. Can't find any public exploits regarding it …
  • (Quote) Its been said a lot of times in this thread already (surprised you've not read through a few pages if you've been stuck for ages), but you don't need to bring the dead back to life. If you did that it would ruin the box for everyone else unt…
    in Cascade Comment by VbScrub June 13
  • (Quote) If you mean you just googled the encrypted password and found the code online that decrypts it, then no that is not the correct way. A few people have reported that there's some public examples of where people have put the decompiled code on…
    in Cascade Comment by VbScrub June 13
  • @Harry123 see my comment on the previous page: https://forum.hackthebox.eu/discussion/comment/75820/#Comment_75820
    in Sauna Comment by VbScrub June 11
  • Type your comment> @nitin122 said: (Quote) that's got absolutely nothing to do with this 2 month old thread... and people won't just tell you how to complete challenges
  • (Quote) Thanks, glad it was worthy of a comment :) haha @6uta I'm not sure what the l*k file is that you're referring to but send me a PM if you want to discuss without having to censor
    in Cascade Comment by VbScrub June 8
  • @TazWake I assumed that all of the machines were dynamic hash now and that the box authors didn't have to do anything to enable that. There's no mention of it in the machine submission FAQ or checklist, so I didn't do anything related to that. I as…
    in Cascade Comment by VbScrub June 8
  • @kryssar haha thanks, glad you enjoyed :)
    in Cascade Comment by VbScrub June 8
  • Great write up and glad you enjoyed the box :)
  • Type your comment> @gameovertime said: (Quote) Happens a lot with this box for some reason. Reported it to HTB support ages ago and they said it must be fine cos other people aren't having that problem. So yeah report it to them as well and hope…
    in Sauna Comment by VbScrub June 4
  • make sure you've downloaded the latest version of Impacket? I think there's an older version included with Kali (if you're using that) which has some issues.
  • (Quote) :lol: I think I get what you're going for here (Quote) Not sure what "last one" you mean. Send me a PM and can discuss
    in Sauna Comment by VbScrub June 2
  • I hope so. Makes sense when every machine ends up getting a thread created for it

Howdy, Stranger!

Click here to create an account.