Official Academy Discussion

got root.txt again. Thanks @TazWake for shaking my brains so hard!

Finally rooted. Nice box.
Although I did it, I have a doubt and maybe somebody can help me. It is about how to get one user in the system. I did it by finding credentials. But I didn’t understand the piece of information that links user and credentials. Can anyone help me? Maybe DM would be better. :slight_smile: It is difficult to talk here as oraculus :slight_smile:

@Darvidor said:

Finally rooted. Nice box.
Although I did it, I have a doubt and maybe somebody can help me. It is about how to get one user in the system. I did it by finding credentials. But I didn’t understand the piece of information that links user and credentials. Can anyone help me? Maybe DM would be better. :slight_smile: It is difficult to talk here as oraculus :slight_smile:

Depending on which user you mean I can give my thoughts - although the box creator might have a better answer if you ask them.

If it’s the m****** user, then a lot of it is guesswork simply by looking at the creds and deciding which user it is likely to be.

@TazWake said:

@Darvidor said:

Finally rooted. Nice box.
Although I did it, I have a doubt and maybe somebody can help me. It is about how to get one user in the system. I did it by finding credentials. But I didn’t understand the piece of information that links user and credentials. Can anyone help me? Maybe DM would be better. :slight_smile: It is difficult to talk here as oraculus :slight_smile:

Depending on which user you mean I can give my thoughts - although the box creator might have a better answer if you ask them.

If it’s the m****** user, then a lot of it is guesswork simply by looking at the creds and deciding which user it is likely to be.

Yes, it is m** user. OK. It is what I did. I thought that the information I found together with the credential gives the information about the user. In this scenario there are a few users but imagine hundreds. :slight_smile:

@Darvidor said:

Yes, it is m** user. OK. It is what I did. I thought that the information I found together with the credential gives the information about the user. In this scenario there are a few users but imagine hundreds. :slight_smile:

Indeed. But I’d say any time you find a username in a password it’s worth trying that account.

If you just had a password and there were hundreds of users, you could write a quick script to try them all with that password.

finally great box :smiley:
uid=0(root) gid=0(root) groups=0(root)
academy

Have foothold without msf and already got user flag. Working to get user2, fun machine.

good evening ladies and gents, I’m currently at the beginner steps in the Academy,
Basic Toolset -> Network Enumeration with Nmap -> Nmap Scripting Engine

I’m not able to get the last flag from this module. I used every single script and have not found the last flag. If anyone could give me a hint I would really appreciate it. thx in advance

Rooted.

Foothold, with tips from the forum managed to find the secret thing and then used google to tell me how to exploit. I did it without using msf.

User1, I was on the right track but took me a while.

User2, I knew where to look being who I was, tried to find information to make the thing look prettier but ended up cooking it.

Root, I was a bit confused because I was not who I was expecting to be. Took me longer than it should because I have the special ability to make typos in the most critical times.

Looking to learn more about the user2 thing because the g, r, e and p keys of my keyboard are overused.

Fun and interesting machine, thanks to the creators and to the forum for the help.

Rooted fun box. PM if you need hints

Hi everyone! Noob here. I’m stuck at “Enumerate all ports and their services. One of the services contains the flag you have to submit as the answer.” In the module “Network Enumeration with NMAP” on HTB Academy. I’m using “sudo nmap -Pn -sV -sC -A -O -n -v 10.129.124.205”

Anyone free for me to run my exploit by? Having no luck getting a shell, not sure if it’s a payload thing or missing/incorrect option thing.

Thanks in advance!

Edit: nvm, just got it!

@Danz0 said:

Hi everyone! Noob here. I’m stuck at “Enumerate all ports and their services. One of the services contains the flag you have to submit as the answer.” In the module “Network Enumeration with NMAP” on HTB Academy. I’m using “sudo nmap -Pn -sV -sC -A -O -n -v 10.129.124.205”

This thread is for the Academy box rather than the academy.

Try: sudo nmap -Pn -sC -sV -A -p- -vvvvvvv 10.129.124.205

@Danz0 , I am stuck with the last hard lab - Firewall and IDS/IPS Evasion - Hard Lab. Did you pass it?

@akinamon said:

@Danz0 , I am stuck with the last hard lab - Firewall and IDS/IPS Evasion - Hard Lab. Did you pass it?

This thread is for the Academy box rather than the academy.

Anyone give me any pointers for user2? I’ve used find to see which common files and directories the c user has with r, m and e but I don’t see what I’m supposed to find

@misterd008 said:

Anyone give me any pointers for user2? I’ve used find to see which common files and directories the c user has with r, m and e but I don’t see what I’m supposed to find

So it is fairly difficult to explain without a spoiler.

You are looking for something which gets captured by the system when a user does the thing you want to do.

Look in where it is captured.

I’m having a problem in the web requests module – when I try to connect to the target with burp on it gives me an error. I can connect without issue without it, yet in the examples, they were able to connect to the server by simply turning their burp on and making zero changes.

@m0rtyy said:

I’m having a problem in the web requests module – when I try to connect to the target with burp on it gives me an error. I can connect without issue without it, yet in the examples, they were able to connect to the server by simply turning their burp on and making zero changes.

This thread is for the Academy box rather than the academy.

@Danz0 , I am stuck with the last hard lab - Firewall and IDS/IPS Evasion - Hard Lab. Did you pass it?