ekenas

Everyone can get stuck, I’m aware of that and I will try helping you if you send me a PM. If you can provide some details on what you have accomplished so far the chances of geting an answer increases significanlty :) https://www.hackthebox.eu/home/users/profile/222808

About

Username
ekenas
Joined
Visits
1,191
Last Active
Roles
Member

Comments

  • Type your comment> @TazWake said: > @ekenas said: > > (Quote) > I just want to add to the love here. This was an awesome box. It looks at a $thing I don't (didn't?) know very well beforehand. This meant I learned a lot and was ac…
  • Type your comment> @nopej0hnson said: > Welp, that machine was something I completely wasn't going to expect. Thx, @ekenas, learnt a lot! Glad you liked it!
  • It should present you with alternative ids by just clicking in the wit-control. If you don’t get any suggestions you need to supply one manually. https://docs.microsoft.com/en-us/azure/devops/notifications/add-links-to-work-items?view=azure-devops
  • I just tested the complete exploitation process of worker and it was fine (EU2).
  • Type your comment> @blacViking said: > It was an amazing box, Learnt something new. User and Root both were great. > Initial Foothold:The server still has that thing that you think is not there. Find a way to get that. > User:It is sa…
  • Type your comment> @in3vitab13 said: > @ekenas the machine is not functional for most of the time. > running out of patience . Hi @in3vitab13 can you PM me with info and I’ll try to see if I can help out. I see a lot of people rooting…
  • The reason the merging is setup this way becomes quite clear if you are a big team of developers and you need to keep the master branch in a functional state and ensure proper tracking of what work has been done. Typically someone higher up the chai…
  • The window is 10 minutes
  • Type your comment> @beehammer said: > Type your comment> @ins3cure said: > > (Quote) > No joke on the r******r bit! Looking for any nudge in how to get around that particular hurdle. I am able to do just about everything else …
  • There may be more than one way to root Worker and at least one requires hacking/exploitation skills ;)
  • An update... Looks like one of the performance fixes has been applied to worker. Hopefully this means a lot less loading screens :) Happy hunting!
  • Hi, just wanted to give you guys a little info about worker being so slow. Normally a server such as worker is setup in different tiers in a production environment. This was not possible on HTB since as machine creators we have to put all components…
  • Type your comment> @S98 said: > I don't understand. What am I doing wrong? > Some guys said that the creds is used in plain text. > I tried it over and over again, without proxy, even used > curl -v "http://d.w.h" --nt…
  • For info we are doing some research to why one big part of worker is running "kinda" slow. Again kudos to all of you that pushed through that part and sorry if it caused you some extra hours! * All things come to him who waits - provided…
  • Type your comment> @rholas said: > I found creds for de....s.......htb page, but I get only an empty page. > This is a rabbit hole? That is not a rabbit hole> @offs3cg33k said: > ROOTED!!!!! Finally > > Thank you @Dem…
  • Hi all, I can see that some of you have grown a few new gray hairs while waiting for responses on worker. Sorry for that, but at the same time big congrats to all of you that pushed through! If you find creds laying around and want to try them ou…
  • Keep up the good work and hope you all will have some fun!
  • If you want to build an AD pentesting environment I assume you have a Windows physical box to start with. Have a look at Hyper-V. Enabling this feature gives you all you could wish for in a virtual environment. Hyper-v is available on both win10…
  • Finally got user on this machine! This was by far the most time consuming challenge I so far have taken on me. But stubbornes finally pays off :) Think I need a mental break before even trying to get root, I almost throwed the towel in on this on…
    in PlayerTwo Comment by ekenas March 1
  • A nice feeling after rooting this box! I’ve been weak on acl:s but this box has forced me into learning this topic at least a little bit more. Curious to know if anyone managed to go from user to root by executing fine grained commands instead o…
    in Control Comment by ekenas February 16
  • Type your comment> @cos said: > any help for the p******s? > I cannot find anything useful,do i need to find creds somewhere ? There is a file in r**s home which contains clues on what he has done and what he still has todo...
    in Zetta Comment by ekenas February 10
  • Type your comment> @avz7 said: > I don't know how to go beyond this error in r**** when I try to access any module > > @ERROR: access denied to bin from UNDETERMINED (dead:beef:4::1234) > > I though of using the f** server t…
    in Zetta Comment by ekenas February 9
  • Type your comment> @TestUserx said: > Type your comment> @squirrelpizza said: > > (Quote) > same here. i even ran it through SQL Server, since it can natively decode base64, but it still ends up being a bunch of gibberish I…
    in Nest Comment by ekenas January 28
  • Thank you @VbScrub for a nice box! You really taught me something new about the windows file system that I have never seen on a windows box before and I've been working in the IT industry for many years! Thanks for letting me play ;-)
    in Nest Comment by ekenas January 26
  • Just out of curiosity, the file indicating the pw for debug mode in c***** home, shall this be empty?
    in Nest Comment by ekenas January 26
  • Type your comment> @jvlavl said: > hi I have an i**6 ending on e2c6 but when I try to use it I get No address associated with hostname > > Is it the correct address? > > Please advise The Ipv6 adress changes everytime z…
    in Zetta Comment by ekenas January 26
  • Finally rooted! This was my first hard box and therefore also took longer time to complete. The whole journey was worth it in the end, even though someone changed the cms login password - took some extra time, but thanks to @plackyhacker for ackno…
    in Registry Comment by ekenas January 16
  • Community friends! I'm reaching out a hand here for the initial foothold. I've identified the attack vector and also tried shooting my payloads against it, but I just can't get it to perform any RCE. So back to roots, I did spend some time to…
    in Json Comment by ekenas January 10
  • Type your comment> @RaNa said: > Type your comment> @3ken45 said: > > (Quote) > j****a Then you are on the right user, and it should work... Try resetting the machine. Also check the uid of the users in passwd to ensure …
    in OpenAdmin Comment by ekenas January 8
Avatar

Howdy, Stranger!

Click here to create an account.