Very Easy User in an Easy box finally
rooted. Very easy box 
DM if you need help
Yah, user is super easy. Could have got it in less than 3 minutes.
Type your comment> @GordonFreeman said:
um, did anyone find the link the bottom of the ad*** page goes to a site linked to malware?
Malware Link:
http://skymbu.info/ (dont go to)
Not really, looks like a parked domain.
It seems that PoC for privesc is written in Python but Python is not installed on the hostā¦
I feel like Iām looking at the right service based on box name and logo (as mentioned by @Caracal ) I wonder what I am missing.
Type your comment> @civility0 said:
It seems that PoC for privesc is written in Python but Python is not installed on the hostā¦
I feel like Iām looking at the right service based on box name and logo (as mentioned by @Caracal ) I wonder what I am missing.
Maybe plxxk.exe
Rooted! Easiest box on HTB by far. Thanks to creator!
Type your comment> @civility0 said:
It seems that PoC for privesc is written in Python but Python is not installed on the hostā¦
I feel like Iām looking at the right service based on box name and logo (as mentioned by @Caracal ) I wonder what I am missing.
Itās not because something is not installed on the machine that u necessarily need it.
You want to access something on the inside, but from the outside, what can you do ?
Some basic windows utilities can help you, or just find the right tool 
Rooted! Great box, very easy.
Both user and root are really simple, although root can be a bit difficult to āset upā
Okay. This box is rooted. A very straight forward machine.
My hints:
For user: There is a big hole and it is available readily for the public.
For Administrator: Usual Enumeration and also there is a hole in it.
Simply, Google FU is all you need.
PM for cryptic nudges.
Type your comment> @sparkla said:
Apparently āwhoamiā is malicious
PS C:\Users> whoami
whoami
At line:1 char:1
- whoami
This script contains malicious content and has been blocked by your antivirus software.
+ CategoryInfo : ParserError: (
+ FullyQualifiedErrorId : ScriptContainedMaliciousContent
hahaha lol 
Need a nudge for user. tried to upload php reverse shell in /a***n but couldnāt. Also tried basic bypass in login but failed.
Spoiler Removed
Lots of creds, no progress (for root) - any nudges please
Type your comment> @coopertim13 said:
Lots of creds, no progress (for root) - any nudges please
Name of box. Look for interesting files.
Type your comment> @civility0 said:
It seems that PoC for privesc is written in Python but Python is not installed on the hostā¦
I feel like Iām looking at the right service based on box name and logo (as mentioned by @Caracal ) I wonder what I am missing.
Maybe there is a way to run a python script without python being installed.
I think I know what my next step is, but iām not sure how to do it. Google and youtube were no help, but probably because iām using the wrong search terms. I used script for GMSe, and got in. Iām not sure how to access n****t, and i donāt want to just use someone elses work. If anyone could provide a link to a video or a site or just provide the google terms I should be using, I would really appreciate a DM. Thank you!
Trying to figure out root. See the path and created what I need to but need to figure out how to carry it out. Iāve seen hints that point to tools but have had no luck. I also tried compiling the snake, bringing it over and running it but get an error. Any thoughts? A nudge would be super helpful
I tried for 2days and still cannot find the way inā¦ i have tried some tools, found an a**** folder, i see some error on that page and some error with a full path but after that i was stuck.
@GordonFreeman said:
um, did anyone find the link the bottom of the ad*** page goes to a site linked to malware?
Malware Link:
http://skymbu.info/ (dont go to)
I went to the link twice before realizing something sketchy was going on. How fucked am I?