Hint for HELP

Will the box be up for many more days? Got the CMS, clever name.

Going crazy for root…
Maybe missing something in my enumeration. Although root is possible with kernel exploits, want to try without them.
Please PM me any nudge/hint.

Edit:
Rooted!!! Overlooked simple enumeration

Already spent 2 hours :frowning: stuck on the g*****l part. Not able to create a proper request in Postman. Please PM any clues.

Can whoever is resetting the box every few minutes please stop.
Working on root enumeration and it keeps resetting.

EDIT:

Rooted, first box I’ve done on here. Great learning experience, thanks for putting it up.

FINALLY Finished

User - was tricky … read the GitHub source code and ignore error messages.
Root - known exploit

Hey guys, when I submit tickets I don’t receive any email. Am I in the right direction?

Hello, I got this error.
Any hint?
root@kali:~/Desktop# nc -nlvp 6392
Listening on [any] 6392…
connect to [10.10.12.27] from (UNKNOWN) [10.10.10.121]
root@kali:~/Desktop#

I can’t access…

ROOTED !!

PM for hints

Rooted :+1:

Thanks to @espringe and @lazyjd for providing me with the most help with getting through this box :slight_smile:

Finally rooted
Huge +rep to ShayNay for the help with root. Nice box

Could someone help me with root on this box without a kernel exploit? I’ve found something in b***_****y and got a tty shell. Is it the right one or is there any other way? Please.

Has anyone run into the problem when getting root that the kernel exp is returning invalid argument? If so, can you PM me? Thanks.

This box is very much similar to a retired machine which was released in Q4 2017.

I have found the webapp as well as the higher port. I am really interested in Node. Can someone give me a nudge on this method? PM me if necessary.

@st4rry said:

Could someone help me with root on this box without a kernel exploit? I’ve found something in b***_****y and got a tty shell. Is it the right one or is there any other way? Please.

I’m at the same step

Rooted. PM for hints.

ROOTED
Thanks @h4rmsw4y, @XeN0N for the tips

I know the g****** syntax, but I do not know the db name.
I know I’m missing out something very obvious.
But I can’t see it!

Can someone hint me?

EDIT: Found the creds and logged in.
What’s next?

I am already stuck on the first page. How can I get the credentials?

Great box.

Really a lot of fun.

If there are any JSON gurus out there that wouldn’t mind having a chat with me on the other method to get in and how I could go about starting it, that would be fantastic. I’m terrible with Java =(

USER:

I know it’s cliche and I know when you don’t know what to look for this advice can suck, but "Enumerate, Enumerate, Enumerate".
If you read the exploit and think you have the right directory, you’re wrong…
Look harder…
Open source code is a gift, don’t squander it.

ROOT:

Quite simple if you’re familiar with Linux Priv Esc techniques. The low hanging fruit is always worth going to first and there’s more than one way to achieve it.
Keep it basic and you’ll find it in no time.

Anyone struggling, feel free to message me (only if you’re willing to understand how it all works and not just because you want the answer).

As the great Albus Dumbledore once said:

"Help will always be given at Hackthebox, Harry, to those who ask for it. I’ve always prized myself on my ability to turn a phrase. Words are, in my not so humble opinion, our most inexhaustible source of magic. Capable of both inflicting injury, and remedying it. But I would, in this case, amend my original statement to this: “Help will always be given at Hackthebox, to those who deserve it.”"

Lanks