You are supposed to brute force it using rockyou. You can write a script for that, or if you want, message me and I’ll send the one I used!
Yes :)
some hint on the vuln for user? I found one but don’t know how to exploit it.
whaat you got 45 points? I got 35
have you found a way to extract data from the target? look for files that will get you inside
lol what a noob, just found it… thanks
Through the UI, see what you can view for the user, then expand your thinking…
I was able to decrypt the file, got what I need, but unable to connect through ssh with root?
For anyone struggling with cracking the [spoiler]
Session file, there is a pretty good script made by ItsWatchMakerr on GitHub, this way you don’t have to run it on a Windows machine like I had to
Github Page: GitHub - ItsWatchMakerr/SolarPuttyCracker: A Python tool to crack solar putty session backups
Props to the guy
[/spoiler]
Spoilers about privilege escalation
Since you are already on the box, maybe don’t try to ssh as root…
Nice and easy box, kudos to the author.
The user part was really fun and enjoyable, the root was pretty straightforward but fun nonetheless.
As always if you need any hints feel free to dm me.
I did it! Some people thanks for the tips!
Thanks for the tips guys! Owned Instant from Hack The Box!
yep got a tip from csoruc153 thanks
Nice challenge so far…
Receiving lots of Internal Server 500 messages on attempting to get foothold.
Normal, or does the server require a reboot?
EDIT: Never mind, I just needed coffee
Some mighty fine hints in this thread. Just gnabbed root so feel free to DM if you need a nudge
Already found the subdomains and the Authorized token but got stuck. Any tips?
Hint: “You need to go back to the source, Neo”
I just pwnd user.txt flag. Keep it up, you’re in a good way!
(Edited): Ok, we got it!
I got the cookie “Authorized” and found the endpoints. idk what to do next. I registered and logged into my account. Viewed the admin profile and my profile, but still can’t figure it out. Any hints?