Last Active


  • I am able to write Powershell files, execute the Powershell scripts written, but I am failing to execute any of the usual PS reverse shells I've used in the past. Could someone PM me with some help. Thanks.
  • Rooted. I got the foothold nice and quick then found the required details for the next user.... only to not use it and forget I'd found it. Got there eventually. Feel free to PM for pointers.
  • It was annoying reading posts about how easy people found the last stage as I ran into error after error and spent ages getting nowhere. Root: If it's not finding a file in the same folder, just go home and do it all from there. BTW. Who ever said…
  • Same here @Brogramm3r . I've had rockyou.txt running with steghide decode... but nothing for ages. Stopped it now.
    in Cache Comment by thegingerninja May 2020
  • I'm going round in circles trying to get Root to fire. Is anyone available to help out?
    in Book Comment by thegingerninja May 2020
  • That took me ages to get the foothold!! I was banging on the wrong service for days. Big thanks to @mrfw for just the right level of helpful guidance.
  • I enjoyed this box. It allows us to put into practice a few things we've watched IppSec do on earlier machines. IppSec Rocks!! Even the last part I stumbled about at. I think I was still opening up CherryTree and Burp at the 11minute mark of fir…
  • I actually really enjoyed doing this box. Getting User took me ages but was worth all the effort to improve on the skills needed. Thanks to @poker1 who kept me sane and pointed me at pwntools lib which will simplify a load of my python code from n…
  • You don't get an echo after a certain number of characters. Does that help?
    in Safe Comment by thegingerninja July 2019
  • Finally got root. I really enjoyed this one. It would have taken me way longer if the forum here hadn't suggested to go from s* user to k* user before heading to root. There seems to be some amazing minds here on htb.
  • Thanks again @hansraj47 . I'm going to go through that walkthough. My issue seems to be that WPScan now defaults to a less aggressive plugin enumeration. In version 3.5.3 I needed to add: --plugins-detection aggressive To find the plugin…
  • Hi @hansraj47. I had just updated wpscan but I haven't tried anything else to enumerate WP plugins. Will google/try that when I'm next on.
  • Does anyone else get different wpscan results for tartarsauce compared with the main writeup? My wpscan is not returning anything about the vulnerable plugin begining with Gw.
  • Thanks to @xscorp7 for the following: (Quote) I was having a very frustrating day until this comment. Each step took me ages but in the end I can say I really enjoyed this box. I'm not always the quickest to respond, but PM me if needing hints.
  • Thanks to a post from @BashShabakate0 I finally saw the thing I'd been pspy'ing for. I really enjoyed this box, especially for the linux priv esc practice.

Howdy, Stranger!

Click here to create an account.