Please don't write questions to my wall. Use the message function.


Last Active


  • is the powershell session supposed to be extremely slow? Like... 1 command every 5 minutes and 5 minutes just to connect? Or should I reset or troubleshoot something on my side?
  • medium that should be easy... easy that should be hard... what a mess
  • Beautiful box up to the user, with good stuff that can be learnt from it. Definitely not Easy. This has become a real problem with the HTB platform: it requires a huge time commitment that many people cannot afford. Root could have been better, I we…
  • WTF is wrong withroot.txt on this box?? EDIT: ok, 2 resets needed...
  • rooted with help of some great people. Happy new year
    in RE Comment by halfluke December 2019
  • rooted the intended way after much stupidity but curious about the msf easy way...
  • no, I'm an idiot, I expected to see a connection before restarting the service and as I didn't see any connection, I never restarted the service...
  • Anyone can help me understand why my dns*** command from ev**** shell doesn't connect at all to my imp*** smb** ? It's driving me crazy nvm: I'm an IDIOT
  • Type your comment> @kkaz said: (Quote) same here, I can connect to the share with dir command but not with the command we need... wtf is my critical mistake?
  • Type your comment> @jimmypw said: (Quote) 100% quoted
  • script was easier :)
    in Sniper Comment by halfluke December 2019
  • I've tried several big lists of payloads to find the f on the parameter that can be changed, but I've had zero luck... edit: got a shell and a couple of credentials, but not the ones for the user I need to become. Is there a password reuse?
    in Sniper Comment by halfluke December 2019
  • Type your comment> @dlh61 said: (Quote) I started with a ping but from a ping to a shell there is a long way. It also all depends on what protection is activated on the target and how you can bypass it, if an AV prevents you from writing to disk…
    in Json Comment by halfluke October 2019
  • Type your comment> @j4v40n654n said: (Quote) got it directly in memory. Decently painful, lol
    in Json Comment by halfluke October 2019
  • Type your comment> @dlh61 said: (Quote) Thank you. I'm having issues using powershell: I cannot connect back to my machine, not sure why. I can download from my machine in a different way but I haven't tried yet to execute: not sure if I can tou…
    in Json Comment by halfluke October 2019
  • I think I'm a bit lost on: * how to choose the payload among all the options * how to pass it to the target I got a general idea of what should be done but I'm failing to understand how people can get rce so easily
    in Json Comment by halfluke October 2019
  • Nice machine from Guly with interesting little tricks. I wouldn't have been able to solve it without reading several pages of this thread. Don't overthink PHP
  • . kudos @rotarydrone
    in Craft Comment by halfluke July 2019
  • Type your comment> @mRr3b00t said: (Quote) this is fantastic :smiley:
    in Safe Comment by halfluke July 2019
  • logged in... the greatest and most mindbending thing I've seen so far, .
    in Kryptos Comment by halfluke July 2019
  • Never been stuck for the very initial step for so long on a machine... and despite the errors I can google, no idea how to bypass the login. I know this machine is prolly beyond my current level, but so many people say it's awesome that I am (was) …
    in Kryptos Comment by halfluke July 2019
  • 47, started my oscp trip 1 year and a half ago, got it after 9 months, got my first junior pentesting job 6 months ago. And my motto is: it's ALWAYS too late, lol.
  • why does the machine NOT have a bar chart for difficulty? htb bug?
    in Craft Comment by halfluke July 2019
  • Great machine, it took me a week and some help here and there. Not sure if there is still a sort of unintended for root. I was able to do it in both ways in the end, although I recognize I still have a knowledge gap to fill. Thank you MrR3boot!
    in Player Comment by halfluke July 2019
  • Found some vhosts, found the "hints" to what is wrong with the site(s), found some names in an answer to a url request, found source of the countdown (client side), found a login. And stuck, next step unknown :smile:
    in Player Comment by halfluke July 2019
  • smasher2 as well please, LOL
  • a bit annoyed by the enumeration part ... I'm not extremely patient. especially the initial username swap. The medium article is spot on. You can also get a shell, creativity is the limit when you are already root. Not my favorite box to be honest,…
    in Luke Comment by halfluke June 2019
  • I'm in g*** as "admin" I can also get a rev shell as g** but I don't know what to look for or escalate... EDIT: one more step.. stuck on the next one. Crazy box! EDIT2: rooted with a lot of help. Last step is too much
    in Ghoul Comment by halfluke May 2019
  • Found out by accident what I needed to do for root. Still looking for a documentation reference though. Who can do what in that directory?
  • I thought it would be easier, instead I'm pretty stumped... I can browse dirs but I cannot read files via https, and I can read only some files via the good old port. I don't know how to put the two things together, can't read user.txt, and can't ge…

Howdy, Stranger!

Click here to create an account.