Really interesting. First time, root.txt
was empty. After a reboot, root.txt
gave Access Denied
. Then, after waiting a few hours and trying again, I can read the flag. Then that flag was rejected. What is going on there ? In the end, I’ve switched VPN. Found a running instance and was able to extract the flag.
i m stuck with two user creds bt they are not working with evil they are only working with smbc**** and rpc*** …any nudges to get user.txt
@aswathamasam said:
i m stuck with two user creds bt they are not working with evil they are only working with smbc**** and rpc*** …any nudges to get user.txt
Both services can be used for further enumeration You will eventually find credentials that allow you to go evil
Type your comment> @myrtle said:
Really interesting. First time,
root.txt
was empty. After a reboot,root.txt
gaveAccess Denied
. Then, after waiting a few hours and trying again, I can read the flag. Then that flag was rejected. What is going on there ?
I have the same problem on edge-eu-free-2.hackthebox.eu
server.
root.txt
is not accessible for some time after reboot. And when it became accessible it is the same as before reboot. I understand that flags are dynamic and it should be regenerated and different on every reboot.
@sparrow1 said:
Type your comment> @myrtle said:
Really interesting. First time,
root.txt
was empty. After a reboot,root.txt
gaveAccess Denied
. Then, after waiting a few hours and trying again, I can read the flag. Then that flag was rejected. What is going on there ?I have the same problem on
edge-eu-free-2.hackthebox.eu
server.
root.txt
is not accessible for some time after reboot. And when it became accessible it is the same as before reboot. I understand that flags are dynamic and it should be regenerated and different on every reboot.
Please file a ticket at HTB’s JIRA, so they can see that the dynamic flag system tends to break way too often: Jira Service Management
So I got s##_####u# to be able to “observe” things they shouldn’t. S## file retrieved and useless. Can’t get to the file I need to get root and found an odd PS script. Any pointers? I feel like Elmer Fudd (even though he’s be nerfed). TIA
Rooted ! Awesome box, I learned some new things
PM me for nudge !
Great job Create ! rooted
PM for nudge.
After spending way too much time going in circles I would like it if someone can give me a nudge towards root. I could be mistaken but considering other hints here and the privileges I have I should go after an important file. However all tools I can find regarding this file don’t seem to work.
Not too many spoilers please, just a little nudge in the right direction would be appreciated.
Thanks in advance!
@Encomo said:
After spending way too much time going in circles I would like it if someone can give me a nudge towards root. I could be mistaken but considering other hints here and the privileges I have I should go after an important file. However all tools I can find regarding this file don’t seem to work.
Not too many spoilers please, just a little nudge in the right direction would be appreciated.
Thanks in advance!
There’s also a way without grabbing that file
I’m stuck at root as well.
Learned a lot about Token’s and Privileges but I’m unable to get this one very imported file even though i have the privs i need to.
Nudges welcome. Thank you.
Type your comment> @derco0n said:
I’m stuck at root as well.
Learned a lot about Token’s and Privileges but I’m unable to get this one very imported file even though i have the privs i need to.
Nudges welcome. Thank you.
Nevermind, got it even i can’t read root.txt :
PS C:\Users\Administrator\Desktop> whoami
blackfield\administrator
Can someone help me on how to read the D** files?? I am stuck at this for more than two days.
Rooted ! Need help ? Msg me on twitter @NeerajK85400479
or Msg me on Discord icoNic#0097
I could use some help with this, I have the first user, but no creds and haven’t been able to pull anything useful from this. I’ve tried a lot with the three headed beast but struggling at the moment
Rooted!
Probably my favorite box so far! Definitely a challenge from beginning to end which really pushed my skills. Learned a couple new tricks too! Thanks for the fantastic box @aas!
If any of you feel like you have hit a brick wall, feel free to PM me!
Rooted this box finally!!! What a crazy ride it was…!!
I wanna give thanks to the HTB commmunity to help me solve this challenge. This was my first windows box which I rooted. Learnt tons of things from this single box only. @phantom01 thanks for being a great mentor to me and being patient with me.
And a big shoutout to @aas. Great box!!!
Hey guys, someone online that can help me with root?
EDIT: root
NVM
So… I just got finished with this box. What a box.
Loved every stage of it, except the part where I couldn’t read root.txt for maybe 2-3 hours.
No clue what happened there. Thought I was losing my mind.
protip: enum & more enum, then (ab)use