Type your comment> @dlmshc said: > Type your comment> @BisBis said: > > Hi, i’ve been looking for a couple hours but i’m stuck at the very first step. > > When I use the ip in my browser I get redirected to : horizontall.htb but I don’t have a website, only an error “Server not found, Hmm. We’re having trouble finding that site”. > > I’ve reset the machine twite yet nothing appear to help. > > Am I missing something or is it truely a bug ? > > Did you add the ip into your /etc/hosts file ? > How machines are accessible with domain name Thank you !
Have to say I quite liked this box. It is listed as “Easy”… I know why it’s listed as easy but, the root part does seem as though it’s a little more “Medium” because it took a little bit of work to figure it out. Good box though.
Thanks @wail99 for this box 
I had fun ! As always, don’t hesitate to PM if stucked, but some insights: - Foothold: don’t, as I did, use always the same wordlists… Made me loose 3 hours… - User: follow CVEs and you are fine - Root: basic enumeration to find privesc way
Machine /done Cool box so far. If you are stuck you may DM me but please provide steps already taken
this machine shouldnt be an easy machine, it should be a medium, its too hard for beginners i understand that hackthebox is trying to make the machines more challenging and many old timers here already can hack this machine with ease but do keep in mind that there are also many beginners who just started hacking in this site, the machines are getting harder and harder and now easy seems like a hard machine to many of the beginners how do you expect the beginners to be able to hack them and learn? this site is getting more and more unfriendly to beginners, the hard challenges/machines only appeal to the pros so i hope the moderators of this site can do something, please grade the machines exactly based on their difficulty, or else many beginners will just leave this platform
please, any hint for root…
Type your comment> @anthonypope95 said: > please, any hint for root… try to enumerate what services are running in the machine
Tricky one…
Fun box, A good easy box for me! Congrants @wail99 !
trying to submit the user.txt flag from the d******* home but HTB responds with incorrect - anyone having the same problem? am I missing smthg? I missed the last 12months of updates on htb (lots of new stuff around) lol
pwned but both flags dont work when I try to submit - mha
I had the same issue with the flags not taking. Had to paste them a few times and they ended up taking. I put together a TLDR for a tool which might be useful on this box: https://gnnr.net/redteam\_cookbook/tradecraft/chisel/
Thanks for the machine @wail99 , I’ve learned some important lessons… Let me report some mistakes i made: ## Foothold + User Don’t be scared of hundreds of lines, always have a look at them… there may be some information… ## Root Read carefully the CVE you’re going to use and if you can use it, before rushing into it
Played this box tonight and I had a lot of fun. Great box - thanks for the creator! My take: Definitely a bit harder than a ‘normal’ easy box. There are multiple steps required which teaches you a lot. It’s realistic and fun. Some hints: Foothold: Security by obfuscation is never a good idea. Never. Study, read and you will find the next step. Follow it and take a few more steps to gain user. Remember that you can get a better shell if you want to. Root: Definitely a more interesting way to gain root. Once you find the way forward, you might think it doesn’t work. Relax, breathe, and make sure you try it exactly as described. Many thanks to the creators!
Submission not working for me. Could anyone confirm the current flags start/end. I am getting annoyed as they are incorrect (apparently) lol /home/d******er/user.txt 6f******50 /root/root.txt a2*****d5
I’m currently at work so I can’t confirm the actual flags for you, but I believe they rotate every time you start the machine. I CAN confirm the directories - you are looking at the correct spot. I’ve read other people having issues with flag submission as well; yesterday I had trouble even logging into HTB, so I suspect it’s an HTB issue.
Thank you for your reply - yesterday, I reverted the machine and tried again with no success. Today I had to regenerate my vpn access and point to a different server, it finally worked. “Aris” on discord suggested this. Never happened before. Anyway, kudos to wail99!!
pwned <3
I have some doubts. I don’t know what types of files can be parsed in the dashboard. I tried the PHP file and found that it could not be parsed
Got the user foothold. i even got the proper shell using s** not stuck at privesc . can someone help me with privesc ? is there something i am missing ?