Last Active


  • Inital foothold: Enumerate everything, get banners, google User: read the configuration file of the service and understand it Root: GTFObins
    in Postman Comment by wo1f December 2019
  • For the inital foothold I managed to create a ping payload which works, but I fail to create a payload that would either give me a rev shell back or transfer files to victim. Can someone give me a nudge on getting the payload right? UPDATE: rooted!…
    in Json Comment by wo1f November 2019
  • Type your comment> @CLQWN said: (Quote) Explore different groups in the domain and how they are connected to each other ;)
    in Forest Comment by wo1f November 2019
  • Any nudge for the privesc would be appreciated!! I worked through the https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Active%20Directory%20Attack.md#dumping-ad-domain-credentials-systemrootntdsntdsdit b…
    in Forest Comment by wo1f October 2019
  • I got the lowpriv user creds but can't access the machine... What is this mystical higher port that will give me shell access? I only see S*B services pretty much and the mainstream impacket tools which give shell require write access to the share a…
    in Forest Comment by wo1f October 2019
  • Can someone nudge me with getting the payload to work? I know there is some security solution sitting there and tried few obfuscations but could not get the shell to run.
    in Wall Comment by wo1f October 2019
  • (Quote) I have combined the hell out of it but i still havent got the right one... And i have done a forensics challenge here that I assume is similar to this one. The "challenge" last part bothers me and does not make sense to me. Can som…
    in Irked Comment by wo1f December 2018
  • I got the root flag but I am very interested in how to get the root shell. Can anyone PM some tips? Would be greatly appreciated. I have tried uploading stuff with the "tool" but it does not seem to work. I kind of have the idea what i sho…
    in Curling Comment by wo1f November 2018
  • Can someone PM on the scrambled (output) line of text? Like what method to use? I have theory but it does not seems to add up. Update: Got it. Literally follow the arrows...No need to overthink.
  • r00ted! Thanks @albertojoser for getting me over the finish line and @jkr for making me dig deeper with n**p! There were definitely some new concepts for me that I was not aware of..
    in Ypuffy Comment by wo1f November 2018
  • Got it! Man.... Once I got over the decryption hurdle if was like 2 minutes.... That's me.. I get stuck on some trivial technicality. But hey, I learned something new. I never had to decrypt stuff in Wireshark before.
  • I am looking at those Bro log files but I can't find anything that would stand out... I am obviously not suppose to go through all the 13000 lines manually. HTB is killing me :D Any hints? I know pretty well how to search stuff in wireshark but I'm…
  • So I got the user but stuck on the root. I am close but I can't read this specific directory and file. I tried using d*** but that didnt work...any hints?
    in Ypuffy Comment by wo1f November 2018
  • Need help guys... I got the username and hash but I am unable to enumerate the shares so that I would know which one to connect to. In previous boxes I have managed that with s******t and e********x but this time they give me error.... Can someone n…
    in Ypuffy Comment by wo1f November 2018
  • got r00t! Thanks @justsome for pointing me in the right direction. I learned a lot with this box and spent a whole day on this :dizzy:
  • Any tips on root guys? Got out of "jail" and I have enumerated those files in home directory but no clue how are they gonna help me get to root.
  • Thanks @Baikuya for giving me tips on getting the user! Now time to get root!
  • I can't get over the initial step. So I am using ZAP proxy to meddle with the POST requests but all I can get is list of files in the html/ directory and there are no user.txt files there that everybody is talking about. So how am I suppose to use t…
  • Hey guys! I am stuck at getting the user... I managed to get the anon login to Replication share but I could not find anything interesting there and I can't seem to do much there. Am i looking at the wrong thing? Any hint would be appreciated!

Howdy, Stranger!

Click here to create an account.