Official Devvortex Discussion

tongchija · November 27, 2023, 2:40pm

the root part was too fun, keep in mind that you don’t need to overthink about useless stuff.
Thank you, 7u9y! Pretty good machine

busybox · November 27, 2023, 3:31pm

Congratulations! That where I am stuck currently any tips or advice?

liram · November 27, 2023, 4:01pm

Pwned! this machine is very straight forward!
DM if you need a nudge.

cool_guy · November 27, 2023, 4:11pm

I cant connect to the box. It says “Initialization Sequence Completed” but it doesnt look like it stopped running.

ellj · November 27, 2023, 4:50pm

Great question. Answer is virtual hosts.

Simplified explanation:

Virtual hosts are another website hosted on the same server as the main site.

The web server looks at the "Host: " header to decide which hosted website to route the traffic to. A single web server can have thousands of virtual hosts (and did, back in the day…).

Your tools will send different combinations to “foo.htb” with different “Host” header fields like “admin.foo.htb”, “api.foo.htb”, “dev.foo.htb” until the “foo.htb” web server returns something.

This is a common trope on HTB boxes.

vincecipher · November 27, 2023, 8:05pm

could someone please tell me how to generate a crash file ? I am quite sure to have the way of root but i need a real crash file and all my attempts didn’t generate one …

Mate0r · November 27, 2023, 8:26pm

Really a simple and straightforward machine !
But ■■■■ slow when you play the shared one with other and all of the reset because the thing has crashed so foothold is like impossible.

strangewall · November 27, 2023, 8:31pm

try using another VPN

BrokenBot2k · November 27, 2023, 8:35pm

I’ve successfully accessed the shell, but I’m unable to locate any .crash files in the /var/shell directory. Do you have any insights on this?

vincecipher · November 27, 2023, 8:36pm

someone on the same box as me succeed to create one so i got the root . But I still don’t know the command to create it …

BrokenBot2k · November 27, 2023, 10:23pm

Try using another VPN server, it worked for me.

Cabano · November 27, 2023, 11:24pm

Can’t say that was a easy box, since I have a lot of troubles for user flag. The root flag is what I expect for easy.

Js0n · November 28, 2023, 12:19am

User hint:

nudefender · November 28, 2023, 1:43am

I have tried switching VPNs and restarting VMs. I still can’t get a crash file within /var/crash… so frustrating. Any ideas?

nudefender · November 28, 2023, 1:58am

So switching VPNs to Free worked… so frustrating.

xBurningGiraffe · November 28, 2023, 2:20am

Nice curve ball with privilege escalation. DM me if anyone needs a nudge.

hieund24 · November 28, 2023, 3:40am

■■■■ nice hint

Shivahacker007 · November 28, 2023, 4:54am

https://www.hackthebox.com/achievement/machine/335227/577
Rooted the machine. Thanks for the hints @7H31NTR00D3R

dana404 · November 28, 2023, 11:12am

I got foothold but I can’t find a way to get to the user. Tried absolutely everything
Can someone give me a nudge?

T2M5 · November 28, 2023, 2:13pm

The vulnerability which you use to discover in foothold, maybe it can access local?

Topic		Replies	Views
Official Horizontall Discussion Machines	174	24738	December 12, 2024
Official Flight Discussion Machines	70	5473	May 7, 2023
Official Devzat Discussion Machines	41	2970	March 12, 2022
Official PC Discussion Machines	295	16043	October 18, 2023
Official Cap Discussion Machines	229	28056	December 11, 2024

Official Devvortex Discussion

Related topics