Official Authority Discussion

Official discussion thread for Authority. Please do not post any spoilers or big hints.

1 Like

Ugh, I was preparing myself for an Insane machine, now this. My brain will get confused again by the difficult level.

I want this insane so much :sob:


Is htb down ?

I think so

what ? when did they interchange the Insane box with the medium one lol ?

1 Like

That change happened because the business CTF is going on right now, guess people complained or they decided themselves that they wanted to save the insane box for when everyone can enjoy it.


Got some credentials from here and there but don’t know how to use them …

same, got some creds but i dont know what to do with them

Mh is it worth fuzzing pwm ?

At this point I have 4 different passwords and I can’t figure out what to with any of them :rofl: I have a feeling that I’m going to feel real silly when I figure it out.

Exactly where I’m at. I tried a lot of different things and couldn’t figure it out. Took a few hour break and came back. I keep going back through where I found them thinking I’m missing something.

I keep getting the below error for the pwm website whenever trying to login with any credentialsand have no clue if its apart of the box. Is it possible to confirm if this is intentional? Ive reset the machine 2 times, and the 2nd time the Website never even loaded and showed some config error which was definitely unintentional.


Directory unavailable. If this error occurs repeatedly please contact your help desk.

5017 ERROR_DIRECTORY_UNAVAILABLE (all ldap profiles are unreachable; errors: [“error connecting as proxy user: unable to create connection: unable to connect to any configured ldap url, last error: unable to bind to ldaps://authority.authority.htb:636 as CN=svc_ldap,OU=Service Accounts,OU=CORP,DC=authority,DC=htb reason: CommunicationException (authority.authority.htb:636; PKIX path building failed: unable to find valid certification path to requested target)”]

Yeah that’s the same error it gives me. Pretty sure it’s intended.

Anyone got any hints for root ?

1 Like

same here cannot login anywhere with the creds i got

Can Anyone help me out man ive done the usal nmap scans but it says host is up but it returns no open ports… where is the attack surface what do i look at…

sounds like you got a VPN issue, can you ping the box?

Wondering where you got the credentials tho

holy fax that’s a lot of credentials…