farbs

If you write something on my wall, I will delete it immediately. Make sure you send me a PM and not a wall post!

About

Username
farbs
Joined
Visits
52
Last Active
Roles
Member

Comments

  • The samba version is clearly vulnerable here. This particular version, samba 3.0.20, is vulnerable to RCE. You could tell that by running searchsploit samba 3.0.20 and getting the resulting exploit. From there, one can obtain the exploit by navigat…
  • So far, I've spent more time setting up a Windows VM just to DO THIS BOX than I have actually working on the box itself. Not sure if this is intended or not, but I spent the last 8 hours trying to figure out how to do it in Linux and it doesn't work…
    in Json Comment by farbs September 2019
  • Rooted. Pretty disappointed with this one. Thanks to the creator, regardless.
    in Wall Comment by farbs September 2019
  • I may be interested. Feel free to PM.
  • What's up with some of the poor reviews on this? It was really straightforward and simple -- I actually really liked it a lot. Thank you for the box, @guly. Hints... User: Enumerate the web service. Check out different web directories to get back…
    in Networked Comment by farbs August 2019
  • Type your comment> @Tohzzicklao said: (Quote) Not a spoiler. But I've already found what you're referring too and can't latch on.
    in Scavenger Comment by farbs August 2019
  • Staring this stupid insect in the eyes right now... I'm in, but need some clarity. Any nudges?
    in Scavenger Comment by farbs August 2019
  • Type your comment> @feffi said: (Quote) Not sure what you're referring to...
    in Scavenger Comment by farbs August 2019
  • Not even sure where to focus my energy yet...
    in Scavenger Comment by farbs August 2019
  • Type your comment> @Ryan412 said: (Quote) The SHA-256 is merely a pointer... I wouldn't bother trying to crack it. Look at the running processes on the machine instead.
    in Heist Comment by farbs August 2019
  • Nice and easy box. Thank you @MinatoTW for the quick solve -- I've enjoyed almost all of your boxes so far (except for Ghoul, I'm sorry :disappointed:)... This was a great way of introducing a Windows box to newer users with less environmental famil…
    in Heist Comment by farbs August 2019
  • Type your comment> @debeMechero said: (Quote) Focus on the name of the box
    in Rope Comment by farbs August 2019
  • Did you reset the box and then root it?
  • Type your comment> @juggydancesqd said: (Quote) Careful saying they "don't work anywhere"...
    in Heist Comment by farbs August 2019
  • I'll hop in on this if anyone is willing to share the link here as well.
  • Personally, I run through a box just to root it initially, taking some light notes along the way. After rooting it, I'll go back and verify each of my steps for future reproduction -- this is for a general means of understanding, but also to provide…
  • Type your comment> @krypt said: (Quote) No need for obfuscation.
    in RE Comment by farbs August 2019
  • Should the form's web dir be enumerated further? I've tried sub-domains, vhosts, web dirs, etc. to locate this binary and I'm not finding it. Am I functionally stupid...? Also, congrats @sampriti, you crushed it.
    in Rope Comment by farbs August 2019
  • So sad this box is retiring this weekend... It was my favorite one on HTB :disappointed: Looking forward to Rope though with high hopes! :)
    in Fortune Comment by farbs July 2019
  • Type your comment> @limbernie said: (Quote) Lmao, you're definitely not wrong referring to the password. I had a massive "wtf" moment with that.
    in Safe Comment by farbs July 2019
  • Rooted. Didn't like this box at all -- almost wondering how it even got selected in the first place? Feels like a repeat of another box cough (some will know which I'm referring to). Anyways, hints: user As others have been saying, provide your ow…
    in Safe Comment by farbs July 2019
  • Type your comment> @Sp3eD said: (Quote) There's more than one method, my friend :)
    in RE Comment by farbs July 2019
  • Type your comment> @rallyspeed said: (Quote) Refer to the "higher" port. Sorry, my description wasn't as accurate as I could have made it. Two ports is correct.
    in RE Comment by farbs July 2019
  • Rooted! And had a great time with it, too. Pretty cool concept for a box :) Here are some hints for user/root: User Make sure you pay attention to the service that is running on the higher port. There's one in particular that you can abuse specifi…
    in RE Comment by farbs July 2019
  • Type your comment> @johnnyz187 said: (Quote) Not a rabbit hole.
    in RE Comment by farbs July 2019
  • Type your comment> @cdf123 said: (Quote) Not su[RE] what you’[RE] [RE]ferring to :)
    in RE Comment by farbs July 2019
  • Type your comment> @KeyboardCaper said: (Quote) Probably good to note for this that python -c 'import pty;pty.spawn("/bin/bash")' won't work with any versions of Python3, so specifying python3 -c ... is necessary. Otherwise solid descr…
  • Type your comment> @BaiduFu said: (Quote) You did it backwards. fg stands for "foreground", meaning you'll be foregrounding the job you just "backgrounded" with CTRL+Z.
  • Got user after fighting with this for almost a month! And then rooted within an hour after :lol: Great box @0xEA31, you stumped me for quite a while :smile:
    in CTF - Machine Comment by farbs July 2019
  • Well, finally rooted. The foothold for user was by no means a stretch of the imagination. Root on the other hand... Jesus Christ. I honestly can't possibly recommend this box to anyone. If you have multiple days to simply set aside and dedicate so…
    in Ghoul Comment by farbs July 2019
Avatar

Howdy, Stranger!

Click here to create an account.