Official Fuse Discussion

Type your comment> @egre55 said:

As the author of the box I’m happy to discuss any questions you have about realism @VoltK

If anything the root is the most unrealistic component, due to how Microsoft has changed the behavior in later releases of Windows, you are less likely to see this is many environments.

User is very realistic and something you see in real environments.

I accept that foothold is contrived to a certain extent, but if you gain a foothold on such a device, even the names might be insightful, in terms of company-specific language/vocabulary

Respect to the Box Creator @egre55 ,The box is Real ,enum,recon are real world ,vulnerabilities can be patched ,Not humans

Type your comment> @AangAirBender said:
> Root: For those who are facing problems with the E*L**D**.cpp update,
> Hope this is not considered a Spoiler!!!
> 
> 1 - Download the project to your windows machine. Unzip it.
> 2 - Open VS2019
> 3 - Open file E******C****m.sln
> 4 - Open file .cpp and update it accordingly ( look at this code approach: https://cboard.cprogramming.com/windows-programming/109024-createprocess-plus-command-line.html.)
> 5 - Compile!!!!!!
> 6 - Upload the .exe and the recommended files to the server and shot!!!
> 
> Just rooted!!!

This was very helpful while getting the root.

Thanks @TazWake @acidbat @Chobin73 for the nudges

Finally rooted.

PM if you need help.

Type your comment> @blacViking said:

Type your comment> @AangAirBender said:
> Root: For those who are facing problems with the E*L**D**.cpp update,
> Hope this is not considered a Spoiler!!!
> 
> 1 - Download the project to your windows machine. Unzip it.
> 2 - Open VS2019
> 3 - Open file E******C****m.sln
> 4 - Open file .cpp and update it accordingly ( look at this code approach: https://cboard.cprogramming.com/windows-programming/109024-createprocess-plus-command-line.html.)
> 5 - Compile!!!!!!
> 6 - Upload the .exe and the recommended files to the server and shot!!!
> 
> Just rooted!!!

This was very helpful while getting the root.

Thanks @TazWake @acidbat @Chobin73 for the nudges

Finally rooted.

PM if you need help.

Glad to know that it helped!!!

I feel like an idiot. I’ve got everything compiled, but I cannot for the life of me get the files onto the target.
I’ve got an evil-winrm session, but every command I try returns with “host cannot be found” when I try to pull the files from my machine to the target.

(EDIT: using IPs and not hostnames)
(EDIT2: Nope, I am an idiot. Got it resolved, and got root.)

i would like to know why i didn’t connected its stoped here …

listening on [any] 4444 …
connect to [10.10.15.106] from fuse.fabricorp.local [10.10.10.193] 52557

nevefrmind

Type your comment> @Jk3r16 said:

i would like to know why i didn’t connected its stoped here …

listening on [any] 4444 …
connect to [10.10.15.106] from fuse.fabricorp.local [10.10.10.193] 52557

NEVERMIND My bad

Is anyone else having a problem with clock skew? I tried syncing my machine with the ntp server, but then that screws up OpenVPN and I lose connect to the whole network. Is there another way short of running a VM in my VM?

edit: i’m dumb. was trying to connect to a service to do a step, and I didn’t need to. There was another, probably more commonly used way to do what I needed. Got user.

Rooted, nice box, Thanks to the creator @egre55
if any one would like a help dm me or catch me on discord

Type your comment> @HomeSen said:

Got some users, and some creds, but can’t use them on any of the services :smiley:

can you help me with users, I always get access denied

@systemcheater said:

Type your comment> @HomeSen said:

Got some users, and some creds, but can’t use them on any of the services :smiley:

can you help me with users, I always get access denied

Look closely, WHY your access gets denied. And then, do something to change that :wink:

Type your comment> @HomeSen said:

@systemcheater said:

Type your comment> @HomeSen said:

Got some users, and some creds, but can’t use them on any of the services :smiley:

can you help me with users, I always get access denied

Look closely, WHY your access gets denied. And then, do something to change that :wink:

i already search for a lot of thing, can you dm me ?

I’m really not understanding this box. I’ve seen SMB messages of a needed password change, change the password, and it doesn’t stay. I seem to go between command failures using the new password or using the old password and get password must change message. Is this a feature?

Type your comment> @psychocircus said:

I’m really not understanding this box. I’ve seen SMB messages of a needed password change, change the password, and it doesn’t stay. I seem to go between command failures using the new password or using the old password and get password must change message. Is this a feature?

Same boat. Trying to get a shell using psexec right after changing the password but the exploit fails since the password is reset nearly instantly. Managed to enumerate shares using a bash script but I do not see anything interesting there. Can i get a nudge?

@0bs01337 said:

Same boat. Trying to get a shell using psexec right after changing the password but the exploit fails since the password is reset nearly instantly. Managed to enumerate shares using a bash script but I do not see anything interesting there. Can i get a nudge?

Try another way. Dont rely on “getting a shell” at this stage. There is a client you can use to connect. You can use this to get something which will allow you to get a more stable connection.

Found root flag and user flag but when I submit them gaved me error the box was beautiful BTW can give help if someone wants

Anyone have any idea why something evil would be giving an error of “type HTTPClient::ReceiveTimeoutError”? I can ping fuse, I can rpt into the box, I can connect to shares, I have valid creds for s-p*. Not sure what’s going on here.

@aut0exec evilwinrm - u username - p ‘password’ put ‘’ and then inside the pass

One of my favorite boxes on HTB. Learnt so much. Thanks to the great @TazWake for the nudges.

Remove the -p and it will prompt.

Stuck on the foothold.
I have the lists - confirmed correct information on lists. I’m stuck on the next step. I can’t get into any of the accounts with any service. I’ve tried them all so I’m obv missing something. Any push in the right direction would be quite nice. (also accepting nudges, hints, screaming, and finger pointing - in the right direction.)