Official Blackfield Discussion

Finally rooted this bad boy! Great box, learnt a few new things.

I got the flag root.
but when I pass it, it writes the wrong flag
I reloaded the box 5 times

@fili0x232f said:

I got the flag root.
but when I pass it, it writes the wrong flag
I reloaded the box 5 times

Try to change VPN, are you sure the box has really been reset?

@Caracal said:

Try to change VPN, are you sure the box has really been reset?

Yes, I changed VPN and reset the box

@fili0x232f said:

@Caracal said:

Try to change VPN, are you sure the box has really been reset?

Yes, I changed VPN and reset the box

HTB flags are dynamic. Resetting the box is making your problem much worse and breaking it for everyone else.

Changing VPNs also changes the flag.

Flags are only valid until the next reset so when you get a flag you need to use it before the box is reset. If it doesn’t work check (i.e. shoutbox) to make sure no one else has been randomly resetting the box.

If your flag is rejected, recheck the box to see if it has changed and if so, use the new one. If it hasn’t, either wait and try again or raise a JIRA ticket with HTB who can try to resolve it for you.

Any idea/article on how to get the “tool” to work to extract the content from the dumpster files (if that doesn’t give away anything)? I am trying to get it to work but not having any luck. I can provide what I have attempted so far

Edit…of course it would help if I updated the ■■■■ tool lol.
EDIT…okay even that didn’t work. keeps getting incompatibility errors even though the profile matches the os build. any help is appreciated on this part!

@walk said:

Any idea/article on how to get the “tool” to work to extract the content from the dumpster files (if that doesn’t give away anything)? I am trying to get it to work but not having any luck. I can provide what I have attempted so far

Edit…of course it would help if I updated the ■■■■ tool lol.
EDIT…okay even that didn’t work. keeps getting incompatibility errors even though the profile matches the os build. any help is appreciated on this part!

Google the tool name and the file you are working on.

@walk said:

Any idea/article on how to get the “tool” to work to extract the content from the dumpster files (if that doesn’t give away anything)? I am trying to get it to work but not having any luck. I can provide what I have attempted so far

Edit…of course it would help if I updated the ■■■■ tool lol.
EDIT…okay even that didn’t work. keeps getting incompatibility errors even though the profile matches the os build. any help is appreciated on this part!

I have the same situation. Vol*****y says: “No suitable address space mapping found” and “No suggestion profile”. Also tried with WinDG, but didn’t see anything useful.

@TazWake said:

@walk said:

Any idea/article on how to get the “tool” to work to extract the content from the dumpster files (if that doesn’t give away anything)? I am trying to get it to work but not having any luck. I can provide what I have attempted so far

Edit…of course it would help if I updated the ■■■■ tool lol.
EDIT…okay even that didn’t work. keeps getting incompatibility errors even though the profile matches the os build. any help is appreciated on this part!

Google the tool name and the file you are working on.

I did that. I keep getting the following errors each time:
Suggested Profile(s) : No suggestion (Instantiated with no profile)

@Wimm said:
@walk said:

Any idea/article on how to get the “tool” to work to extract the content from the dumpster files (if that doesn’t give away anything)? I am trying to get it to work but not having any luck. I can provide what I have attempted so far

Edit…of course it would help if I updated the ■■■■ tool lol.
EDIT…okay even that didn’t work. keeps getting incompatibility errors even though the profile matches the os build. any help is appreciated on this part!

I have the same situation. Vol*****y says: “No suitable address space mapping found” and “No suggestion profile”. Also tried with WinDG, but didn’t see anything useful.

Glad I’m not the only one. I keep experimenting with the syntax and looking at articles, but nothing points me to the answer on the reasoning for why it fails.

@walk said:

I did that. I keep getting the following errors each time:
Suggested Profile(s) : No suggestion (Instantiated with no profile)

Ok, I think you are using the wrong tool. There is one dedicated to getting loot from the file you have and it comes in a windows or Linux version.

The one you’ve used will struggle because you don’t have what it expects. If you look at most of the Google hits for your tool and what you have, there is an assumption that you actually have something else.

Some of the links point to the tool you’d use with what you have now.

@Tapper21 said:

I got it!! :) Thanks zdko, Tazwake, achyromaric and other members of this great group!
Evil-WinRM PS C:\users\administrator\desktop> whoami
blackfield\administrator :)

u welcome

That was a very solid box! Props to @aas

C:\Windows\System32>whoami && ipconfig
nt authority\system
Windows IP Configuration
Ethernet adapter Ethernet0 2:
   Connection-specific DNS Suffix  . :
   IPv6 Address. . . . . . . . . . . : dead:beef::84cd:5c8:8ea4:9a15
   Link-local IPv6 Address . . . . . : fe80::84cd:5c8:8ea4:9a15%17
   IPv4 Address. . . . . . . . . . . : 10.10.10.192
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 10.10.10.2

Ok, I got it. Found the right tool but applied it to the wrong file

Big ups to @TazWake on the assist! Finally got user after getting my ■■■ kicked by the initial foothold. root shouldn’t be too hard.

Did you guys try downloading a file from the box? I tried getting a 17mb dump over SMB but it keeps failing. Any tips would be appreciated.

@Purp1eW0lf said:

This is one of the best HTB machines I have ever done. I’m really grateful to the box creator for the effort they clearly put in. I’d appreciate any feedback on my writeup for this box: GitHub - Purp1eW0lf/HackTheBoxWriteups: Writeups for the machines on ethical hacking site Hack the Box

I wanted to offer some hints that maybe haven’t been said on this forum yet, or need to be reiterated:

User 1 to user 2

  • There’s a username that stands out, and correlates with an SMB share description.
  • RPC is what you want, but the syntax needs a google.

User 2 to User 3

  • Need to take the Kat for a walk but you’re on Linux? There’s a specialised tool for this very purpose.
  • If you’ve done proper LDAP enum, and paid attention to a high port, you should know whose user creds you’re looking for.

User 3 to Root

  • I found that Tobor knew what they were talking about more. But Tobor can’t spell for ■■■■, so double check their spelling mistakes
  • For some reason, you’re going to need to add one space-bar space at the end of every line for that script. I have no clue why, but just go to the end of each line and hit space.

All the hints anyone should need are here.

Finally rooted the machine, the Box was pretty interesting and well made. Learned a lot from the machine.

Read @Purp1eW0lf’s hint, it has everything you need.
Thanks @zdko and @Purp1eW0lf for the nudges.

PM if you need help

@blacViking said:

Finally rooted the machine, the Box was pretty interesting and well made. Learned a lot from the machine.

Read @Purp1eW0lf’s hint, it has everything you need.
Thanks @zdko and @Purp1eW0lf for the nudges.

PM if you need help

you are welcome bro always

Thanks @zdko for the nudge, I have now finally owned the box by reading the n***.dit file. I’m now trying another RCE way. I got NT Authority\system now, but can’t read root.txt. I checked the permissions: system has full control of the file, and I even changed the ownership of the file to system, but I still can’t read the content of root.txt and get an “access denied” error message. Can anyone give me a nudge on how to proceed?