I think I am missing knowledge here for the first user. Can someone PM me?
Edit: try harder
finally rooted with a lot of explanation from @nicoswd and @marlasthemage . it took me around 4 days but surely learned a lot
If you’re having trouble with b***** not working from tmp, give it a try in home.
Trying to move from user a to user b but 100% lost. Could some one private message me for a nudge? Thanks in advance!
Switch user A to user B, you must understand binary file and provide right format =)))
Need help in root part , Could some one PM me for a nudge please ? 
Nice Box until now! (got user) - I am not sure if this should be rated “easy”
Having trouble with the last step before root (no spoiler)
→ can’t enter creds
Help pls via dm
Greetz
■■■■ feels good to own this box
Nice work for creators
Wondering if anyone manage to break the algorithm?
Type your comment> @summerflame said:
■■■■ feels good to own this box
Nice work for creators
Wondering if anyone manage to break the algorithm?
By “break” you mean entire message or just part with password? )
Hi, I’ve tried my best to get something out of hints from all the previous posts, but getting nowhere. My current progress is at LFI. Able to read the web page source. Could someone provide hints?
Can someone explain to me why going from user1->user2 can only be done in certain directories? I tried in /tmp for an hour. I’ve rooted the box now, but I don’t really understand this one detail.
Thanks!
Edit: Thanks to @marlasthemage for doing some research on this, if anyone else is curious:
+1 @panic . I was just going to mention this. You should really look at the output of mount when you expect something to work but it doesn’t. Been stuck for way to long because of this detail.
Hello! I’ve gotten the creds for C*** and am working on the priv esc. I’m not really sure where to go with it. I’ve found /***/***/bp and ///er/e********.p and the other file in the e*****r directory but don’t really know where to go from there. Any help would be greatly appreciated! Thanks.
Edit: Got user! Shout out to @marlasthemage for the simple yet super helpful tip!
Like a lot of people, I am stuck with what to do with the db creds. I’ve already learnt some stuff, looked at some files but frankly don’t know where to go from here.
Any nudges would be appreciated for those with more knowledge than me.
Type your comment> @m0squ1t3 said:
Like a lot of people, I am stuck with what to do with the db creds. I’ve already learnt some stuff, looked at some files but frankly don’t know where to go from here.
Any nudges would be appreciated for those with more knowledge than me.
Same here - spent whole day to find a pass. Also gathered some more files from the machine…
@m0squ1t3 @htbuser01 DM me. I believe you likely have the wrong credentials
Thanks @marlasthemage. I definitely have the wrong creds, trying understand how to get the right ones
is there actually a reason why one cannot read any fds in /proc/self. the user through which you run the LFI owns the process no? I would have expected at least stdout to exist. Something to check once I get shell 
got it.
Really challenging box.
User is truly enjoyable. It forces you to drive out of your usual patterns.
Root is a totally different thing. I wasted too much time in the c****o thing, maily because my python skills are too weak.
Thanks to @TazWake for bringing me back on track and giving me the right nudge. +respect
For brute, what are some methods generally that you can use to validate what you got is actually correct??