Official Fuse Discussion

HTB Content Machines
121

managed to get some users not sure what to do with them. looked into various kerberos attacks but doubt they will work. dont want to brute force as these boxes do not require it. any hits would be appreciated.

122

Anyone else on US-VIP-4? Machine is down for me. Tried resetting to no avail, and getting an error when I try to terminate.

Edit: NVM! Literally came up as soon as I pressed Post.

123

Agree with other poster who said this box should be ranked more difficult due to what is needed for root. Thanks to purplenavi for the patience and assistance!

124

I got the users list and tried making a custom password list using c**wl. But no luck yet. Any nudges, please…!!!

125

OK VS is now driving me insane.

I think i have a character set or similar problem and have no idea where to start looking to fix it.

some how

#define FOO _T(“\\ab\\”) in source translates into ?? on console and 慜屢 in the final destination.

If any one understands my vague description or how to force VS to behave I would appreciate a hint/nudge/hand

126

Type your comment> @Somnus said:

OK VS is now driving me insane.

Me too.
A lot of errors from VS19 (VM community edition) for Ex…C…m
No error for eo…er but it doesn’t work, it doesn’t load the sys.
I’m sure I’m on the right path. Any suggestions ?

127

Can someone ping me about the last step for root? Literally one command away and I cannot figure it out for the life of me.

128

Initial foothold:
is about enumerating and making a list…

Root:
You need to use a special software.

Ping me if you need any nudge.

129

Finally Rooted…what a machine…!! It’s all about enumerating the box and identifying the purpose of the box…!!

130

And Rooted!

That was a crazy ride…Definitely learned some things and had to step outside of my comfort zone on a few things. Glad that it is over, and oddly looking forward to another one from @egre55.

Thanks to @matheusbrat @syro @M3noetius and @algernope for pointing me in the right direction through this journey.

DM me on Discord @v3r1t4s06 if you are having trouble. Cheers!

131

Rooted…with complains.
The foothold indeed was a good sneaky thing…thanks to @SanderZ31 for pullinge me out of swamps.
Root is a totally different thing.
No, really, this is not at all something that depends of the “hardness” of a “medium” box.
I’m not into the argument that you need a win box to go ahead: this is ok. If you want to exploit windows you must have some grip on MS, then sometimes using windows is a “must”.
The point is that what you need to go ahead is an “ability” not linked at all neither to the vulnerability itself nor to the capability to spot out a path to root and not even on the understanding of windows internals.
Am I really expected to spend days debugging my own rig to root a “medium” box just because this git compiles only on that specific platform? :confused:
Thanks also to @ellj for addressing me to the binaries: you probably also saved my marriage!! :lol:

132

Rooted. Foothold is very similar to one of the recent box released. Check out your notes if you have taken down. Complained initially because the box doesn’t seemed to work the way I thought it supposed. Solved after reset once.
Root process was slightly difficult for me. Follow the comments closely you know VS helps in code compilation. Broad concept for root process is also similar to one of the recent box released too.
If you see something strange, google it. You will eventually know the path to root. Thanks to box creator :slight_smile:

133

For anyone struggling with the reset, take a look at autoexpect. Makes it a breeze :wink:

134

Rofl, i’m connected to smb but enum for user part make me crazy…

Can someone give me a nudge please ? :cry:

Edit : Feel stupid, thanks for the nudge :slight_smile:

135

I am lost - did dig the additional host detail etc and have the usersin a list. lost on next steps if anyone can nudge me on next steps - pretty please

136

Type your comment> @Somnus said:

OK VS is now driving me insane.

I think i have a character set or similar problem and have no idea where to start looking to fix it.

some how

#define FOO _T(“\\ab\\”) in source translates into ?? on console and 慜屢 in the final destination.

If any one understands my vague description or how to force VS to behave I would appreciate a hint/nudge/hand

OK so finally got this working after giving up on the #define FOO _T(“\\ab\\”) sections and basically doing a find and replace /hard coding the variables within the source file.

137

Wow this machine was hard, the initial foothold makes me feel a bit disappointed about my enumeration skills, but at the end I could understand that everything in it was new to me, so thanks to @egre55 for uploading it.

Also thanks to @ferreirasc for helping me in the Initial foothold of this one, without your hints, I could never finish it

My Hints:

User:

  • The famous tool is not smart enough to extract what you need from the site, so do it manually (I could achieve this thanks to @ferreirasc )
  • Machines without a monitor are also important (I also could achieve this thanks to @ferreirasc )

Root

  • You are more powerful than you could think

You can delete this post if you consider it spoiler

138

Rooted. After two night of attempt …
I did not appreciate the obligation relating to the VS.
Excluding this detail, a good experience.
Thanks to @egre55 for this nice box

139

Finally got round to trying to get root on this and was successful fairly quickly (once I’d rewritten one of the PoC tools in VB of course). Pretty much just look at what your account is allowed to do, google it, and you’ll find some examples and code to help.

I don’t really agree with people saying that needing to use VS is a problem. The free version will do everything you need.

At the end of the day HTB exists to help you learn/practice real world hacking techniques, and if one of those techniques requires you to install a completely free piece of software on the world’s most common desktop OS, I don’t think HTB should feel like they have to avoid that.

In a real world pentest, you can’t expect your customers network to be tailored specifically to the OS and tools you prefer using. If you’re attacking Windows machines, I think its perfectly reasonable to expect you to have a Windows machine and be willing to use a free tool like VS. If you don’t like that then maybe stick to attacking the Linux boxes

140

Type your comment> @VbScrub said:

Finally got round to trying to get root on this and was successful fairly quickly (once I’d rewritten one of the PoC tools in VB of course). Pretty much just look at what your account is allowed to do, google it, and you’ll find some examples and code to help.

I don’t really agree with people saying that needing to use VS is a problem. The free version will do everything you need.

At the end of the day HTB exists to help you learn/practice real world hacking techniques, and if one of those techniques requires you to install a completely free piece of software on the world’s most common desktop OS, I don’t think HTB should feel like they have to avoid that.

In a real world pentest, you can’t expect your customers network to be tailored specifically to the OS and tools you prefer using. If you’re attacking Windows machines, I think its perfectly reasonable to expect you to have a Windows machine and be willing to use a free tool like VS. If you don’t like that then maybe stick to attacking the Linux boxes

Totally agree with you. We need to adapt and I would say even more it is all the interest of this platform to discover different techniques, tools, methodology etc…