Official Hospital Discussion

Viperr · December 4, 2023, 6:26pm

The reverse shell from payload all the things will not work here, but there’s another popular php shell that will.

ahmad_0616 · December 4, 2023, 8:19pm

how did that go , did it work ? and if it did ,how?

ak4izz · December 15, 2023, 4:15am

I’ve goot administrator priv and find 2 flags but it says that my flags are incorrect when submiting…What’s going on?

xer0x0wn3r · December 15, 2023, 5:18pm

How to use p0wny to get user ? Can anybody help ? do you obfuscate the code ? do you use burp like proxy to add code when upload a .phar file or you upload a .phar with code already inside ?
I don’t understand why when I’m try to upload p0wny shell the upload doesn’t successful

xer0x0wn3r · December 18, 2023, 9:05am

Need help with sent mail When I try to attach a file It doesn’t attached. Even it was a jpeg file. It only attached empty files (((( What I do wrong ?

Nomennescio · December 21, 2023, 10:00pm

I’m stuck in ‘Error code: SSL_ERROR_RX_RECORD_TOO_LONG’

Nomennescio · December 21, 2023, 10:02pm

I’ve tried resetting the box but nothing happened atp I’m just going to bed

pudii · December 28, 2023, 10:00pm

Anyone wants to discuss root/Administrator path with me? This one was weird for me… Please DM

Figurx · January 4, 2024, 7:02pm

Hi. Can you tell me why the first host we access via the web app has a different IP. That is, starting with 192.168.x.x. How can this work if my kali is not in this subnet. Is this some kind of container?

m3lodicmin0r · January 4, 2024, 9:13pm

Phew… That was a journey.
User
Root
Feel free to HMU if you need a nudge.

225599 · January 7, 2024, 9:02am

Can you share what led you to try webmail on port 443 instead of staying on port 8080 or other opened ports? Thank you in advance

Faelian · January 7, 2024, 10:33pm

You first need to exploit other things.
The webmail is only interesting when you already have credentials.

And as the forum already said. Do what Dr. Brows say when you are at the webmail stage

noobstain · January 9, 2024, 9:50am

i am having issue : Forbidden on port 8080 on hospital machine.
help?

dylvie · January 9, 2024, 5:44pm

An easy and interesting medium machine. Thanks!

FOOTHOLD : it’s a DC, but don’t go away! It’s not an AD challenge
USER : find RCE and crack. Pay attention to email.
ROOT : lol . Easy, but a classic and not so used vector.

dikshitkhandelwal · January 24, 2024, 10:28pm

Can someone please help me with initial footload.
I did all enumeration with major port but no luck then I finally found something with webserver with file upload. I have tried various way to upload it but no luck of getting reverse shell

fr3dzz · January 25, 2024, 3:05am

Has anyone had issues logging into the app on 443?

R3dFoxie · January 31, 2024, 9:48pm

it says connection to storage server failed eh?

R3dFoxie · January 31, 2024, 9:49pm

use GitHub - flozz/p0wny-shell: Single-file PHP shell for php reverse shells

GhostEcho · February 1, 2024, 7:36am

Hey i got both the user flag and root flag but hackthebox doesn’t recognize them and saying invalid flags i get the user flag from

drbrown.Hospital

and got the root flag using

xaamp

! What have i done wrong?

hackw3ll · February 10, 2024, 4:33pm

same here. I just reset the box to no avail.
the date of the flag files are 2/4/2024 so quite old
EDIT: switched to EU VPN and got a sort of clean and up to date instance. Problem solved