Just completed today morning. Nice challenge. It did not make my hair white like "find the secret flag" did, but I really enjoyed. Now only heavy reverse stuff left to complete, so real headache is just before me -:)
Just completed. This is currently the easiest machine in the active set.
Number of hints here is already more than enough so I will not add anything extra.
Just keep in mind that everything is really simple here. If you make something complicated th…
Just completed. Another very nice machine. Be very accurate in your enumeration, especially when it comes to escalation of privileges. Otherwise you will stuck for hours.
Enough hints on forum to root this machine, so I'm not going to add anything …
Just completed machine. I did user a few weeks ago, but root was kind of postponed till today. Before starting root part I read forum very carefully, cause I knew that it would be something tricky (taking first root blood took quite some time).
Just completed. I have this bad feeling that it took me way too much time than it should. I stuck a few times in places I should not. Mostly due to my stupid mistakes and sloppiness. This is another lesson that we should always stay humble and very …
Just rooted. Regarding user I already wrote everything in my previous post. Amount of time I spent on finding the voice ... well Im still very angry. It was very CTFish and Im not fan of that.
Root part was nice. Classified as difficult (by users),…
This machine is a real pain in ... .
I got the idea. I found internal reference. I found external reference.
I have managed to generate output proving existence of the vulnerability, but still cannot proceed further.
I understand that I need to perf…
Just completed this machine, but still many questions and doubts.
My general toughs for the root part:
1. I did not use vegetable
2. I believe I used intended way, but I just used VS in order to develop (a big word in this case, mostly copy/pasting)…
Very nice machine. User was super nice and straightforward. The second quickest user after resolute.
Important hint about generation your "stuff": keep in mind the name of machine when you choose format and then transform manually. Don't …
Very nice and educative box. Especially foothold and struggle with AV. Very realistic.
Ma advice - always go for the simplest and manual mean. Do not overcomplicate and forget (in)famous exploitation framework.
Well done author!
Type your comment> @cavla said:
> Type your comment> @GhostM said:
> Try using the ncat from static-bins repo on github... worked for me
Weird. This is the first I tried. Did not work for me. Will try again.
It looks like somebody changes "juicy stuff" intentionally. Why there always has be an i***t who think this is funny? It would be a nice feature to have some monitoring in HTB and kicking out those who abuse the rules.
Still do not know, what is the proper way to find the login page -:) Really no clue -:)
I found it following hints on this forum. Need probably wait for write-up to get known, how to do it properly.
After finding this page the rest i…
Just rooted, appreciation to @c1cada for nudge in initial foothold.
Escalation to root super easy. Overall I can imagine that for devs specializing in one famous reptile language this whole machine is very easy (first blood in user and root taken in…
Nice box, especially the user part which is a good opportunity to learn properly unix fs permissions. Hint for user from me: some things are not visible, but the crucial ones actually are. I spent too much time to look for files in their default pla…
Its a bit of a pity that the name gives direction just like that. Enumerating required details would make it more challenging. However I understand the requirement, that the machine name itself should be a hint.