Official Caption Discussion

koalajoe · September 16, 2024, 4:04pm

In hindsight wasn’t that hard, but man, so many rabbit holes to dig through.

Machine would have been nicer as medium/easy box without the services and telegraphed vulns that lead nowhere

Azizif6 · September 16, 2024, 4:13pm

im so lost in these rabbit holes. I cant get out xD

Chainmanner · September 16, 2024, 6:11pm

I think that’s part of why it’s ranked “hard”, because of the rabbit holes present. I don’t mind; it’s good to practice finding out when you’re stuck in one and cannot proceed further. Too many times I have tunnel vision and will keep trying something futile because I’m forgetting the big picture.

PinkPanda2763 · September 16, 2024, 7:23pm

You dont need a rev shell for foothold.

tumehh · September 16, 2024, 8:16pm

uh i was able to log in to GB with certain default creds like 2 hours ago, now im back at it and its not working. I wonder if someone changed them?

E: Yes, someone had changed them, reset fixed it. PLS guys dont do that

Azizif6 · September 16, 2024, 8:35pm

I think it regenerates a random ** on restart.
happened to me a few times

Retrosoda · September 17, 2024, 4:57am

You guys are insane for thinking this is a medium.
I’ve just spent the last 30 hours chasing random rabbit holes and it turned out to be something I made a note of within the first hour.

yashar · September 17, 2024, 12:47pm

Did anyone manage to make the

Summary

SSH keys

work?

joher · September 17, 2024, 12:50pm

chatGPT helped me with it

yashar · September 17, 2024, 12:59pm

are you on about the SSH keys?

joher · September 17, 2024, 1:01pm

yes. ask him to reformat it

yashar · September 17, 2024, 1:05pm

Thanks, I had done that 20 times, and it didn’t work.
Finally did, thanks!

T0v1r · September 19, 2024, 12:52am

Wow, there are indeed rabbit holes. It took me a few days to get out of these rabbit holes. After that, in 20 minutes got user and root
For those still stuck, the chemical formula for water is H2o. It can do more than just viewing data.

kurogai · September 19, 2024, 1:49pm

Same!!! Got user and already got the path for root, this is not that medium box, but i liked it

empulse · September 19, 2024, 6:36pm

so after working for a few days my ssh key is no longer working and neither is the exploit I used to get user, saying function not found. this even after resets and switching vpns. anything else hit this?

Chainmanner · September 19, 2024, 6:44pm

Don’t know what exploit you used, but for the SSH key, it seems to be regenerated on every boot. I noticed that when a machine would get reset, I’d have to use the user exploit all over again.

empulse · September 19, 2024, 6:51pm

the method I used to get the ssh key finally worked on my 3rd vpn change. which makes me wonder if I missed something needing to be done prior to make it work or if the method is just not working on some boxes.

TiredPerson · September 20, 2024, 5:55am

Any hints for initial access? I got m**** user for port 80 and the admin user for port 8080 but running into a wall. I looked around everywhere and nothing seems to lead anywhere.