Official Ghost Discussion

Official discussion thread for Ghost. Please do not post any spoilers or big hints.

Woooo

HERE WE GO BOYS! Lets end this season strong.

Ill be crying in the corner for sure on this one

Alarm set, scripts ready, tear ducts prepped !!
Good luck, buenos suerte, Удачи!!

Me, when the first revshell doesn’t work:

ghost-pun-comics-3545170-2543941628811×811 182 KB

show us great hackadabra tricks

Anyone wanna speculate the contents/task/purpose? I’m interested in your interpretations!

Ghost: I suppose it could be about Stealthy malware, or hidden processes in Windows.
Maybe hidden obfuscation or techniques for detecting and analyzing ephemeral shtuffs?
OR, memory forensics?
Welp, I anticipate a thorough brain beating coming my way…

Probably GhostScript Related. My best guess.

As long as its not really crappy XSS for foothold where i have to make an account and constantly reset cookies ill be happy. Also docker sucks LOL.

That’s the Postscript PDF thing?

Yeah. Kinda hope im wrong becuase we’ve had like two PDF boxes already.

Agreeeed! Ghostscript exploitation or stealth shenanigans. I’m scared.
I suppose, together, we all can Luigi’s Mansion this thing!

This gonna be me by friday next week.

How we doing, guys?

Spent from some AD modules in Academy and haven’t even started an instance of Ghost.
Since this is a Windows box, my guess is there is more AD.

Lots of AD gonna be had in this one seems. I see an interesting port for certificates thats got me nervous.

Found a site with a diff port. “Ghost” site. Version 5.78

Kinda creepy…cool.

I was hoping you were wrong about creating accounts…but that’s the I’m falling down, right meow.

It wasnt the Link on the front page was it? Thats just a link to the actual GHOST web kit. thats a real site.
Ive only found one site so far on a different port.

Nay, there’s a link on the HTB website that takes to an actual Ghost software website, too.

Im down a API rabbit hole at the moment lol.