Bastion

Got root finally. To get root, remember to check app and script versions. This held me up for a while. Don’t need a Windows VM, can all be done in Kali.

Can someone give me some foothold to get user, please? <3

Hi All, is msf required for root? I think the program may be vulnerable to an exploit which recovers credentials for me. Or alternatively, currently looking at m********.***.*****g, is this the right path to go down for privesc?

Cheers!

If anyone needs help with this machine, PM me…

Got rooted! If anyone needs help, PM ^^

Frustrating box for us new at pen testing. I can only mount the large vhd but not the small one. Any suggestions?

-User: go after the crown jewels. Reuse those to login on a common port. Watch out for rabbit holes.
-Root: Once you find it, I didn’t rely on scripts posted here. Used a Win vm and said latest version of tool to decrypt.

I’m stuck on the decrypt part and getting ValueError: MAC check failed!!

Please drop me a hint in my inbox.

@bashocker said:

> Frustrating box for us new at pen testing. I can only mount the large vhd but not the small one. Any suggestions?

That’s the only one you should need

Anyone got JTR working with the hashes extracted from S** and SY****?
I also tried using Hashcat but no luck. Any other suggestions will be highly appreciated. :slight_smile:
Thank you in advance.

EDIT: Got it. User is owned. Heading for the root.

Got root today,

Started on this box wanting to do completely blind with no hints / no checking forums.

For User: Was on the right track immediately, found the (thing) about not doing X because of slow X. Kind of figured that meant not to do it but did it anyway and pulled it off lol. I learned nothing! :stuck_out_tongue: But now after reading the forum, going to go learn how to navigate those types of things without pulling them down so I don’t miss out on the good learning experience.

For Root: I tried way, way, way too hard. I was on the right track right away with the out of place program, but - again, tried too hard. Today found out it was way simpler than I thought and rooted.

Was glad I did it blind but reading the forums I’m wondering if for User I missed something / maybe I also did something too hard to get user (I’ve been a Windows admin a long time so once I had access to certain things I knew where to go).

All in all great experience! Thanks @L4mpje for the great box!

Rooted on Linux only. Very fun box, definitely learned a lot about mounting in Linux. Usually enumeration and research is a drag but somehow this box made it seem interesting and achievable.

User hint: Don’t download, mount and then mount again. It’s possible.
Root hint: Look for unusual programs, google that bad boy.

Message me if you’re stuck!

Could someone give me a hand on cracking the password please? I am having A LOT of issues cracking them even though it’s saying I have successfully cracked them…

Got the Admin password, can anyone DM me and tell me if mine is correct? Can’t login, I am stuck…
Edit: Nevermind, script was not working correctly. Got root.

@Gwizwold said:

> Hi All, is msf required for root? I think the program may be vulnerable to an exploit which recovers credentials for me. Or alternatively, currently looking at m********.***.*****g, is this the right path to go down for privesc?
>
> Cheers!

Nevermind, rooted! Thanks @L4mpje, one of my favourite boxes so far, learnt a lot from this one!

Feel free to PM for hints

Rooted! I did it in 3 hours! Thk bro nice boxes @L4mpje

Got User thanks to the hints here.

I found the x** file needed and the password for admin account but I cannot decrypt it…
Any tools for the mR*****N* decrypt?
I did find some tools online but couldn’t get them to work… would love some help with that.

Thanks

Just finished watching IppSec videos. Need a nudge with Bastion user.

After a hiatus on HTB, came back and rooted. Shout out to @L4mpje for a realistic box. Learned a lot and realized I was overlooking the details. DM if you need a nudge

First box ever, thank you very much @L4mpje it was a great start and learnt a lot

Thanks to everyone’s carefully crafted hints/nudges, really appreciate everyone using tact

Found user a lot harder to get than root because of my lack of familiarity with that sort of extraction