Official Health Discussion

system · August 20, 2022, 3:00pm

Official discussion thread for Health. Please do not post any spoilers or big hints.

MrMidnight53 · August 20, 2022, 8:23pm

im stuck on foothold. Never dealt with webhooks #_#

XmesutX · August 20, 2022, 8:30pm

me too bro I think the c**kies are including something interesting which I can’t understand I’m just focusing on them because I can’t see anything else interesting.

N118 · August 20, 2022, 8:34pm

am seeing the traffic on tcpdump from the form field, maybe there is something there?

BlueGh0st · August 20, 2022, 8:53pm

Just to be clear – creating a webhook doesn’t work for anyone else, right? I get no server response at all after submitting. Not sure if I need a new instance…

JacobE · August 20, 2022, 9:03pm

Testing the webhook works.

JacobE · August 20, 2022, 9:04pm

Some of these easy boxes man…

N118 · August 20, 2022, 9:07pm

how did you read the response?

JacobE · August 20, 2022, 9:09pm

You mean the POST request? Just catch it with a webserver that can handle POST requests.

BlueGh0st · August 20, 2022, 9:13pm

For some reason using a VPN on my host machine was totally breaking the HTB instance. I can now see the callback and the page loads normally. What a pain…

N118 · August 20, 2022, 9:54pm

any clue on the foothold?

ARZ101 · August 20, 2022, 11:17pm

I have found the attack vector but it doesn’t look I can do much with it

JacobE · August 20, 2022, 11:32pm

I think we are stuck at the same place. We found a way to look at home, but there isn’t much there. I think what we are looking at is really old, so possibly vulnerable. Haven’t gotten anything to work though.

BlueGh0st · August 20, 2022, 11:46pm

The vulnerable service is obvious but none of my payloads work. Trying to do it without looking seems fruitless because it appears she hasn’t committed to anything… So I’m trying the other way- I’m sure it’s an encoding error but I’m running out of ideas…

Edit: ~~It just occurred to me that you could also do it all backwards… whoa.~~ Nah.

pa4ul · August 21, 2022, 9:39am

Any hints?

ARZ101 · August 21, 2022, 10:05am

DM me

JacobE · August 21, 2022, 12:29pm

Got root! Everyone shed a tear for the prospective hackers who assume this box is entry level and fail at the foothold.

x5053 · August 21, 2022, 4:41pm

Guys, I just figured out the initial access. This is NOT an easy box. I would rate the initial access vector as Very Hard or Insane… Hint: The deleted comment above mine by popeye109 helped me a lot, but I had already figured out how the “monitoring” service behaves.

So, if you can’t figure it out, just move on to another box and wait for the walkthrough. I wouldn’t waste too much time on this.

Relwarc17 · August 21, 2022, 6:02pm

Any hint on privesc?

N118 · August 21, 2022, 6:02pm

Any hint on the initial foothold