This was one of the best Medium difficulty boxes I’ve ever done! At times I got stuck thinking that something would be “too real life”, but this box has plenty of those real life, yet still balanced aspects
Can’t wait for the next box @VbScrub 
@selfhatred said:
i love this box more than i love myself, thank you @VbScrub
:lol: the highest of praise haha thanks
I know the way to get a root, but I can’t find a way to pivot to a***c. Can anybody hint me on this? Is it somehow related to .lk?
@VbScrub This is my favorite box I’ve done on HTB so far! Great job, and thank you!
Need a nudge for moving from r.t to a****c
enum everything i could on smb… found a few promissing things but not sure what to do with it.
Thanks!
Is RE a way for root?
Edit: it is!
Fun box. Good refresher on the directory that’s light and all things Windows in general.
Having problems with User flag on HTB
Type your comment> @limbernie said:
Fun box. Good refresher on the directory that’s light and all things Windows in general.
I agree, I actually loved that foothold! However WTF with the flag?? I reset the machine twice already, the hash stayed the same and says it is invalid 
EDIT: After like 5 resets it worked…
root was a pain in the …
if anyone got root with the light d search tool
pm me your query used, would like to understand that more
Looking for a nudge on finding passwords, got users but I can’t seem to find anything password related anywhere else…?
Type your comment> @xTheOmenx said:
Looking for a nudge on finding passwords, got users but I can’t seem to find anything password related anywhere else…?
I am also stucked on same thing. Tried lots of thing but did not get password.
This can be done on linux only right?
Like how do I get something usable from the hex?
This the right path?
Pm please!
Spoiler Removed
Rooted
thanks @VbScrub , Great job, and thk you…
Type your comment> @HomeSen said:
@roelvb said:
I have read the massive output of e4*x several times, line by line, but no password found. Am I looking on the right place?The information you seek is not there.
I’d suggest switching to more traditional enumeration tools
It is there, but you need an eagle-eye to see it 
Rooted .
OK so yes enumeration is key ,no nudges just enumerate ,If you are stuck they you havent enumerated or you dont see properly . Which i did a few times in the process .
Was stuck at some point from 2nd user to 3rd but then went back gather what i had and looked at it closely 
.
So like someone said proper enumeration for this box is the key ,not tools for enumeration .
@VbScrub honestly i hated the box at some point maybe in the beginning but when i started connecting the dots all fell into place : )
Cool box!
@salt said:
@HomeSen said:
@roelvb said:
I have read the massive output of e4*x several times, line by line, but no password found. Am I looking on the right place?The information you seek is not there.
I’d suggest switching to more traditional enumeration toolsIt is there, but you need an eagle-eye to see it
I guess I’m using it wrong, then. With (almost) all flags enabled, and knowing what to look for, I can’t even get it via grep (so I don’t need eagle-eyes 
) O.o
Type your comment> @HomeSen said:
@salt said:
@HomeSen said:
@roelvb said:
I have read the massive output of e4*x several times, line by line, but no password found. Am I looking on the right place?The information you seek is not there.
I’d suggest switching to more traditional enumeration toolsIt is there, but you need an eagle-eye to see it
I guess I’m using it wrong, then. With (almost) all flags enabled, and knowing what to look for, I can’t even get it via grep (so I don’t need eagle-eyes
True, but running it without any flags would give you want you need. Grep wouldn’t help as you are not sure what you will find when first started enumerating, so you need an eagle-eye 
Hands down the easiest box for me (at least for now) but not in a bad way.
I don’t know if it is intended that it’s possible to get root before user?
Managed to get the password of Administrator. Is this the intended way?
Found an interesting file with creds from Mr. T and instant Root with the Inforamtion from the file and my enum.
Anyways: Nice box!