Official Blackfield Discussion

Is the root flag encrypted? I have already seen it… but I cannot open it, please help.

I would be very grateful for a hint regarding the escalation to root. I’ve submitted the user flag and think I’m on the right path although some extracted data I have doesn’t seem to work anywhere. I don’t think I need another account before root as the account I have definitely has some tidy superpowers.

Rooted. A really enjoyable box and another brilliant learning experience. Thanks to @aas for taking the time to create this box.

Happy to help if anyone needs it.

I got it!! 🙂 Thanks zdko, Tazwake, achyromaric and other members of this great group!
Evil-WinRM PS C:\users\administrator\desktop> whoami
blackfield\administrator 🙂

solved

Spoiler Removed

Can someone give me a nudge on using v**.p* to review D** files taken from S** please? Never used it before and it can’t seem to identify specific im*****fo

EDIT: no worries, all sorted 😃

Pretty sure someone is trolling and changing the root flag.

Can someone provide the root flag to me if I give them the administrator hash?

Spoiler Removed

@reverie said:

Pretty sure someone is trolling and changing the root flag.

Can someone provide the root flag to me if I give them the administrator hash?

HTB uses dynamic flags. There is a new flag every time the box resets and different flags on each VPN connection.

If I rooted the box and gave you the flag, it would be no use to you and we would probably both get banned for violating HTB’s rules.

When you get a flag you need to use it fairly quickly.

@TazWake said:

@reverie said:

Pretty sure someone is trolling and changing the root flag.

Can someone provide the root flag to me if I give them the administrator hash?

HTB uses dynamic flags. There is a new flag every time the box resets and different flags on each VPN connection.

If I rooted the box and gave you the flag, it would be no use to you and we would probably both get banned for violating HTB’s rules.

When you get a flag you need to use it fairly quickly.

Thanks. Reset the box twice before seeing this post and noticed two different hashes. Submitted the second one and it went through.

Thought it was legit part of the machine for a bit, but things didn’t add up. Was picturing the machine creator creating the final hurdle like: https://i.kym-cdn.com/entries/icons/facebook/000/017/354/elrisitas.jpg

@reverie said:

Pretty sure someone is trolling and changing the root flag.

Can someone provide the root flag to me if I give them the administrator hash?

For quite some time, flags have been dynamic. Unfortunately, this system isn’t working very reliably at times. Try the following:

  1. Reset the machine
  2. Wait at least 1 minute after the reset has finished
  3. Dump the root.txt and compare it to the one you previously got
    3.1. When it’s different, try to submit it
    3.2. When it’s the same as before, wait another minute and go back to step 3
    3.3. Should it still be the same, place a “marker file” somewhere, and reset the machine again
  4. Check whether your “marker file” is still present, after resetting the machine
    4.1. If the file is still there, issue another reset and keep an eye on the “Shoutbox” to see whether someone cancelled your reset request

If everything fails, contact the support via Jira: HTB Support on JIRA — Hack The Box :: Forums

Finally rooted this bad boy! Great box, learnt a few new things.

I got the root flag,
but when I pass it, it writes the wrong flag.
I reloaded the box 5 times.

@fili0x232f said:

I got the root flag,
but when I pass it, it writes the wrong flag.
I reloaded the box 5 times.

Try to change VPN. Are you sure the box has really been reset?

@Caracal said:

Try to change VPN. Are you sure the box has really been reset?

Yes, I changed VPN and reset the box.

@fili0x232f said:

@Caracal said:

Try to change VPN. Are you sure the box has really been reset?

Yes, I changed VPN and reset the box.

HTB flags are dynamic. Resetting the box is making your problem much worse and breaking it for everyone else.

Changing VPNs also changes the flag.

Flags are only valid until the next reset, so when you get a flag you need to use it before the box is reset. If it doesn’t work, check (i.e. shoutbox) to make sure no one else has been randomly resetting the box.

If your flag is rejected, recheck the box to see if it has changed and if so, use the new one. If it hasn’t, either wait and try again or raise a JIRA ticket with HTB who can try to resolve it for you.

Any idea/article on how to get the “tool” to work to extract the content from the dumpster files (if that doesn’t give away anything)? I am trying to get it to work but not having any luck. I can provide what I have attempted so far.

Edit… of course it would help if I updated the damn tool lol.
EDIT… okay, even that didn’t work. Keeps getting incompatibility errors even though the profile matches the OS build. Any help is appreciated on this part!

@walk said:

Any idea/article on how to get the “tool” to work to extract the content from the dumpster files (if that doesn’t give away anything)? I am trying to get it to work but not having any luck. I can provide what I have attempted so far.

Edit… of course it would help if I updated the damn tool lol.
EDIT… okay, even that didn’t work. Keeps getting incompatibility errors even though the profile matches the OS build. Any help is appreciated on this part!

Google the tool name and the file you are working on.

@walk said:

Any idea/article on how to get the “tool” to work to extract the content from the dumpster files (if that doesn’t give away anything)? I am trying to get it to work but not having any luck. I can provide what I have attempted so far.

Edit… of course it would help if I updated the damn tool lol.
EDIT… okay, even that didn’t work. Keeps getting incompatibility errors even though the profile matches the OS build. Any help is appreciated on this part!

I have the same situation. Vol*****y says: “No suitable address space mapping found” and “No suggestion profile”. Also tried with WinDbg, but didn’t see anything useful.