Last Active


  • Initial foothold is a guessing game. The most simple one. Have that in mind if your enum is not giving anything.
  • User was fast. Hard to hint it without spoiling. Do what you do with all Windows boxes but read the output more carefully. If your creds are not working, maybe try to replicate what bad users and admins are doing with passwords. Now AFK and root wo…
  • If you're struggling with crypto don't give up. Read carefully how the script is encrypting data and how it's using the key. If you're not familiar with python scripting, well, the key can be "cracked" manually in 20 minutes.
  • I must say that user was super fun! Hint from @rholas should give you enough for initial foothold.
  • /> @trikster9 said: > This is just my second box, but I have got access to everything I need for User, still I can't crack it. Have been struck at it for the past 24 hours, have even obtained the keys yet I can't login. Can someone help me wh…
  • Any hint for getting IPV6 address of the server? Tricks that I know (both of them, lol) didn't work.
  • Type your comment> @nardin said: > Rooted! > > Initial foothold: too much easy > User: don't try to bruteforce the pass, bruteforce the key ;) > Root: Simple but tricky... one advice: when you read gtfobins, the most importan…
  • User was great idea but the execution a bit problematic. I'm not saying author didn't do his job right, but there are bugs where they shouldn't be. (or I was doing everything wrong with online tts services) The worst part was: one of the suggested…
    in AI Comment by joshibeast November 2019
  • The first thing that came into my mind was: Try it with that Fat Boy Slim song. :D Gtts is not working well with this AI. Will try something else later.
    in AI Comment by joshibeast November 2019
  • Stuck at getting something out of the above-mentioned "bug". Any nudge would be appreciated. Enum is not going anywhere or I'm going it wrong. Same thing is with the rce. :(
  • Can anyone give me a nudge on a jail escaping? Edit: got it. This box is totally crazy :)
  • The box was actually quite fun but it struck me where I'm weak. Not an easy box if you ask me. Getting the user was harder than on Registry. Root was easy I still don't understand what the box name represents?
  • Could someone give me a nudge for user. I'm attacking a specific service but I'm failing to create a valid payload.
  • I've been waiting for this. It's simple if you know what are you doing. Thanks for the write-up.
  • What a ride! User was relatively easy (comparing to root). It took me several hours. Root - a lot of features implemented just to keep you awake. It took me almost 2 days to figure everything out as I was not familiar with the technology and synta…
  • The b one and the w one.
  • @ow1joker Same here and I'm on VIP server. Also my other shell is acting up the same. Not sure why. Trying to figure out.
  • Can someone clear out one thing to me. On my way to root I'm able to get rev shell as that -d user. However the shell is buggy lags in responses. Am I doing something wrong or the box is just buggy?
  • Now it's 403ing me. At least the lab servers are working.
  • @Xentropy I would really like to know more about your bruteforcing approach. I don't see a BF path that wouldn't take ages.
  • No bruteforcing. That was mine initial idea, but no.
  • Fun challenge. Thank you greenwolf! You need to connect a few dots (all avaliable within the archive provided by author) in order to solve it. It should be easy if you solved We Have a Leak challenge. Also, I'm starting to get familiar with this …
  • Type your comment> @Drac0l17ch said: (Quote) You mean: Congrats User flag ;)
  • Got the user! Thanks to @Pwn2D4 for the help. I did follow passwords policy from the website in order to create my custom password list. However I excluded relevant passwords instead of including them :)
  • I've just started exploring , however I'm having timeouts with this box on vip server. Rebooted - still doesn't work. Is it a bug or a feature? :)
  • Can someone please give me help with passwords cracking. Even with the short list john and hashcat say it will take forever. I won't be able to go onto decent computer in the next couple of days.
  • Finally rooted. User is very complex and layered. The best hint I've found on the forum, for jail escaping, was "LEARN SQL" :D It sounds a bit harsh but it's not. Root is easy if you have experience with do****. I don't. But if you read …
    in Craft Comment by joshibeast October 2019
  • Edit: Not a rabbit hole. Just me typing badly. Got the flag. PM me for hints.
  • I've managed to get some kind of flag in HTB{} format. Not sure if I'm not typing it correctly or it's a rabbit hole and I should go deeper?
  • Getting the user was very hard for me (harder than root). On free servers box is quite unstable and sometimes you need to wait a lot of time to see if the thing you tried worked. I liked this box in general, I've learned a lot of stuff. Thanks to t…

Howdy, Stranger!

Click here to create an account.