Last Active


  • What a traumatic machine... I was soo frustrated, that I was going to skip this machine. Thanks to @IvanV who motivated me to go on. Lesson learned: Even when you think you know how to retrieve things, GOOGLE IT!!!! 😂
  • (Quote) Find out how to send an email to all those addresses with a link back to your machine, so that you can see when one of the users react... F I N A L L Y made it. This is the longest way to user I ever had to make. Therefore root is more that…
  • @zaBogdan 🤔 do you mean the upload capability is a rabbit hole?
    in Book Comment by z3r0c001 February 2020
  • After weeks of fighting with the hard machines its so relieving to have an easy box pwned within two hours (even though first blood was within 11 minutes)...
  • Finally made it! Thanks to @rholas & @beorn for their help. Nevertheless, I needed a windows vm for the final step to root. I found a exploit from mid 2019 which might be applicable, but I was to dumb to use it in this environment / setting. If…
    in Sniper Comment by z3r0c001 December 2019
  • F I N A L L Y !!! Thanks go to @MrPennybag & @bipolarmorgan for helping me out when stuck! hackthebox: Please give us more of these AD / Hound machines! I hate them really, but at least I'm learning a ton! 😋
    in Forest Comment by z3r0c001 November 2019
  • Wow, I really like this box! Even though I needed nudges as I was overseeing the obvious things and began overcomplicating things and then followed the rabbit... 😂
    in Craft Comment by z3r0c001 July 2019
  • @jugulaire Question is which user you are so far. If you just got user.txt you will need to become another user before root. Your enumeration as that new user should point you the right path on the system. For everybody: Change file names when try…
    in Haystack Comment by z3r0c001 July 2019
  • 🥴 Finally got root on this box. Even though the privilege escalation path is quite clear it was still a struggle for days (if not weeks - I did some other machines meanwhile to get a break from this one)... This was frustrating, but this is the way …
    in onetwoseven Comment by z3r0c001 May 2019
  • Lost hours in privilege escalation, because I overcomplicated it! No special knowledge is needed for priv esc! Just be sure what can still be done with files even though rights on the files are limited...
  • Thank you @sillydaddy ! You saved my day with your last post!!! "Think like a user" was smashing my brain... Remembering the year was a good hint!
    in Netmon Comment by z3r0c001 March 2019
  • Got finally a root shell! I'm wondering why some people say the "uncles" are not used... I used them for the root shell...
    in Querier Comment by z3r0c001 March 2019
  • uhh, what a box!!! on my way to root I had to learn that chmod -R isn't working like I suspected it does... So, it is important where you try to execute it...
  • Wow, learned so many useable things on this box! IP and file permissions are much greater than I thought...
  • What a box!!! Learned so much new things! Thanks a lot!
    in Dab Comment by z3r0c001 November 2018
  • Uhh, got it... tried some but not the that particular... I need to create a list... Shame on me!
  • So, how to explain where I am without to spoil...? Working on an application of an older os, got it running, but don't know how to brute it in the emulator. A local attack on the data file with a well known encryption failed... Is this a rabbit hole?
  • (Quote) Just enumerate all user desktops and you will find the answer... @all: I'm wondering why some users encountered problems reading the root.txt file, when they were already Administrator. There wasn't any problem at all to me... Was the machi…
    in Access Comment by z3r0c001 October 2018
  • Forget about... Got root! As so often: Check the syntax of your command...
  • Going mad about finding the right wordlist for the final hash... Any hint about this?
  • (Quote) Hi tolg4yan, did you try to duckduckgo "ldap enumeration"?

Howdy, Stranger!

Click here to create an account.