Sure no problem - need to know how far you've gotten so I don't tell give away too much :-) P0E Respect always appreciated: https://www.hackthebox.eu/home/users/profile/47379


Last Active


  • Worried I might be over thinking this one, I got user.txt, a shell, magento admin and a meterpreter session all easily but I've spent a day trying to escalate privileges on my shell to get root. If anyone could offer a nudge without a spoiler that …
    in Swagshop Comment by poe June 2019
  • Quick note on this, there's no need to brute force this - its killing the box for everyone and like most boxes, its not the way.
    in Swagshop Comment by poe June 2019
  • Hi all, If anyone could give me a hint that's be great. I've gone through all 29,000 lines of the P*** C**********.d** file and can only find a username and passwords encoded somehow (can't identify the method). I've tried a slew of other obvious …
    in Netmon Comment by poe June 2019
  • Hint for all those that have all the creds and can't find where to use them: Lots of web applications have two places to login, one for users and one for admins. Take another look at your enumerated folders.
    in Luke Comment by poe June 2019
  • Finally rooted thanks to @HenryClarke for highlighting something I'd discovered during enumeration then disregarded. PM me for hints without spoilers ;-)
    in Luke Comment by poe June 2019
  • HI all, I've logged in to port 3*** fine and retrieved a list of usres but there's no passwords, am I missing something obvious? EDIT> Yes, I missing something obvious, found it I see a lot of questions around syntax for c***, PM me for help any…
    in Luke Comment by poe June 2019
  • Hi all, Would any mind mind giving me a hint? I've got a php shell running and see (but not open/copy/cat) user.txt, I have a copy of P*******_B****p but can't figure out how to decode it. I've tried hex to Base64, hashes, etc. but no luck. I ha…
    in Curling Comment by poe November 2018
  • HI all, so I cannot get JTR*****r to work to crack the hashes - I've tried both the Kali default version and also installed the M*****mrpp*r version. It recognises the hashes but doesn't crack them using rockyou.txt. Any tips?
  • Hi all I have user.txt and understand that I need to use a technique called 'k******ast' to grab a hash of a password via the *** ticketing process but I can't get the first step. Everything I look at - such as enumerating to get the 'SP name' need…
  • (Quote) You need to find something that is as good as a password
  • Hi all, So I have the hashes but cannot get any program to process them, I keep getting errors indicating the formatting is wrong. Is there anyone I can PM? FORGET: Got it but took a great deal of trial and error! :-)
  • Rooted - great box, PM me for hints
  • (Quote) Message me, I've got shell
  • Hi all, Is there anyone I could PM? I've got user.txt, I've got a shell access but am really struggling to get root.txt. I've trawled through logs, through code, through config files, etc. Thanks P0e
  • (Quote) Thank for the help! In the end it turns out I only had a partial key (exactly half) but because some of the letters of the first half match the letters in the second half and the two halves were equal lengths, about 80% of the cipher was be…
  • Looking for a bit of help on this as I've "applied the vinegar" :-D but my resulting plain text has lots of errors. I can work out what the whole message is supposed to say, including where it tells me what the flag is but HTB doesn't a…
  • Kudos to @TheSecEng for encouragement and keeping me on track (without giving anything away!)
    in Beatles Comment by poe July 2018
  • Thanks @TheSecEng , I've sent you a DM
    in Beatles Comment by poe July 2018
  • Hi all, Is there anyone I can PM to make sure I'm using the 'very common stego tool' the right way? I've tried so many combinations to get the flag and the tool always tells me not data can be extracted (so far I've never seen it extract anything f…
    in Beatles Comment by poe July 2018
  • Hi all, Thanks for the hints - in the end I actually recreated the application :-) Poe

Howdy, Stranger!

Click here to create an account.