cyberafro

Please be grateful by leaving me a respect on main site if any of comment/message somehow helped you...

About

Username
cyberafro
Joined
Visits
1,788
Last Active
Roles
Member

Comments

  • Funny box, hint for those in need. msf is your friend for user and privesc, intermediate step requires a good reading skill and some manipulation... I hope I haven't say too much.
  • Rooted after 5 months of inactivity. The initial foothold was not so easy but very interesting. Very nice box ippsec Hints for anyone in need: Foothold: Contact the helpdesk if you need help! User: After reading your emails, connect with the inform…
  • Type your comment> @daemonzone said: (Quote) Thanks, @gunroot also pointed me in the right direction,
  • Could someone that got the 5th flag replicate, I'm struggling to get the P** code accepted. Private and public bits already modified.
  • Box has been too unstable for the last 3 hours, I can't have 200 successful pings in a row... On VIP... 😒 64 bytes from 10.10.10.191: icmp_seq=192 ttl=63 time=148 ms 64 bytes from 10.10.10.191: icmp_seq=193 ttl=63 time=148 ms 64 bytes from 10.10.10…
  • As you are having the same error on other boxes, I suggest you reinstall it.
  • Longest path to the user I've ever done... 😓 This box requires a lot of patience, if you are not, leave it. Almost all hints are given here: User : Enum - enum - enum, Root: a little trick and root will give you success. This box is definitely not…
    in Admirer Comment by cyberafro May 2020
  • Wow, congrats, saw you finally posted in the right thread : https://forum.hackthebox.eu/discussion/2570/openadmin#latest but i don't know if possible to delete the current... Good luck with your future rooted boxes.🙂
  • The box was pretty stable for me for hours. Foothold: one popular web exploitation to login and box name for a trick to upload what you need for next step User: enum, dump all needed info then switch user. Root: enum, find a particular file, learn …
    in Magic Comment by cyberafro April 2020
  • Finally rooted, box made me crazy. Lost 3 first days because the foothold port didn't show up in my nmap scan.🤪 Foothold: After a good scan, browse, find CVE of the app running to get creds User: You can try it manually, but hydra makes you save t…
    in ServMon Comment by cyberafro April 2020
  • The site is still fine after I restarted my connection, on US VIP 25. Try to ping the hostname, if ping = no resolution, -> problem with your /etc/h* file, confirm by ping on IP else if ping resolution ok & fail, something with your machine …
  • Type your comment> @nav1n said: (Quote) Your /etc/h*** file is intact ?
  • HTB also makes announcements on their social networks ( twitter - LinkedIn) for new/retiring box/challenges, so another way to be updated.
  • Type your comment> @VbScrub said: (Quote) Good point, keep on the good work
    in Cascade Comment by cyberafro March 2020
  • Type your comment> @VbScrub said: (Quote) Haha, I'm guessing they'll be hard or insane boxes 😈
    in Cascade Comment by cyberafro March 2020
  • @VbScrub , great work making this box ! Once again you're amazing all of us with your mastering in Windows administration. This box teaches us that every step is important for a good pentest , keeping notes of everything we find, and definitely enu…
    in Cascade Comment by cyberafro March 2020
  • Type your comment> @spowlay said: (Quote) Nope, try harder
    in Cascade Comment by cyberafro March 2020
  • Box is up, damn 15 users 🙄
    in Cascade Comment by cyberafro March 2020
  • Nice one, i like your path to user, i used different method with PS invoke command. Btw, i'm impressed that you are comfortable doing all the stuff in Windows, while we mainly use Linux (Kali/Parrot) here.
  • Type your comment> @unethicalnoob said: (Quote) Make sure your payload parameters are correct (srvhost and lhost)
    in Remote Comment by cyberafro March 2020
  • Am i the only one getting this with my evil-winrm ? NOTE: Gem::Specification#rubyforge_project= is deprecated with no replacement. It will be removed on or after 2019-12-01. Gem::Specification#rubyforge_project= called from /var/lib/gems/2.5.0/spe…
  • Type your comment> @htbuser01 said: (Quote) You are you have no local creds ? Don't know what you call "piece of code" @Raekh, switch user as said before
    in Remote Comment by cyberafro March 2020
  • Type your comment> @bugeyemonster said: (Quote) Check your settings
    in Sniper Comment by cyberafro March 2020
  • Type your comment> @htbuser01 said: (Quote) If you got creds, you have to switch user, another method exists though
    in Remote Comment by cyberafro March 2020
  • @Meatex @H1L021 , TV is not rabbit hole, don't look far, there's a search function in the well known tool you used for having user shell...
    in Remote Comment by cyberafro March 2020
  • Type your comment> @dyl88 said: (Quote) Enum more what is installed/running on the box
    in Remote Comment by cyberafro March 2020
  • Type your comment> @101001101029A said: (Quote) I logged in a few minutes ago, the password for the page is still valid (on vip-us though) I think the u***c service is unintended way 🙄 and make people like me reset the box, even if it worked fo…
    in Remote Comment by cyberafro March 2020
  • Yeah, very easy challenge. Don’t need to overthink this, google is your friend for knowing how to get what you want from the file.
  • Type your comment> @bill110179 said: (Quote) Same problem here, i'm going to reset if it persists !
    in Remote Comment by cyberafro March 2020
  • Type your comment> @DaFoster922 said: > Type your comment> @cyberafro said: > > (Quote) > I don't see the difference between the low priv shell and the white wolf shell. Is there something white wolf can do that I'm missing? I…
    in Sniper Comment by cyberafro March 2020
Avatar

Howdy, Stranger!

Click here to create an account.