Last Active


  • Finally rooted this useless box. Many time was wasted on enumeration and attempts to trigger a reverse shell. Here are my hints: * Enumerate, * Hint with VERBS and teacher is very helpful, * Enumerate again, * Read official docs, * Don't rely on br…
  • This is the worst box in my experience on HtB. You just need to bruteforce practically all the things you see. I don't know why this shitty box has only 30 points and why jury accepted this box at all.
  • I thought this shitty task was already retired :smiley: But people still bang their heads against a wall. This task won't teach you anything. It's just a flag bruteforcing task using strings from the script.
  • Actually, you don't need any tool except web browser. Just read sources closely and use one of OWASP Top 10 vulnerability. Nothing more needed. Tools were a rabbit hole for me.
  • Is the "tool" s****p? I tried it with s**l option, but unsuccessfully.
  • Don't forget about badchars! Test for badchars as described in the course PDF. It's simple.
  • Здарова! Вот уж не ожидал такого поворота, но надеялся, что начнем объединяться :) Надо рейтинг России поднимать на этом сайте!
  • I solved the "challenge". Sorry, but the name of the challenge should be "The Shit", not "The Snake". It's absolutely shitty and useless. It's like "try to guess what the author thought at full moon last year"…
  • Why some badges are empty?
  • Give a hint about a privilege escalation from tom, please! I see that there's a pentest tool, but I can't run it. Any hint, please how to move a next step. Thanks in advance!
    in Reel Comment by b1narygl1tch July 2018
  • Spoiler Removed - Arrexel
  • Hello! I have a low privileged shell (netcat) but I don't know how to escalate privileges. Could anyone give me a little hint, please? I found a file (artifact from well-known utility) with hashed password and I cracked the password. I tried the pas…

Howdy, Stranger!

Click here to create an account.