Official discussion thread for Love. Please do not post any spoilers or big hints.
So excited!!! … Made it to top 25 … Thanks @pwnmeow
User
Attack vector is right in front of you… Basic reconnaissance is all you need… Keep in mind, not always do the paths need to be the same… Just go with your instinct and correct the path.
Root
Don’t we all LOVE misconfigurations #convenienceoversecurity… Finding it is easy especially if you LOVE vegetables…hahaha
Feel free to DM in case you need a nudge
In case you are still stuck after trying everything, u might wanna watch this
Hey, thanks for that. The foothold tripped me up a bit but after I thought about what I knew and what you said it clicked.
Interesting little method you don’t see often like that.
rock on
Rooted, was a fun box. Was challenging but not frustrating. Agree with enumeration for user, pay close attention to services and what information is on them.
DM for nudges if needed, good luck and have fun
Spoiler Removed
I can read files, but don’t know how to use this. Help, guys
Just rooted/system’d this box, however got stuck for a long time on root – I was actually entering the right commands, it was (I think) because of my shell. For people that have rooted this box - do you know why I was getting errors with mc.exe when running from my e*rm shell? Thank you!!
Rooted. IMO not the easiest box based on the amount of attack surfaces. Root was a lot easier than user.
How does someone get user in 8 mins? It probably took me longer than that to find a working rev shell
@coopertim13 - I ran into the exact same thing you did. I also don’t know why it didn’t work.
I’ve rooted the box but I’m quite frustrated that I couldn’t exploit one of the foothold attack vectors. This is probably a more advanced S**i scenario, if anyone has managed to work with that I’d be curious to find out how you exploited it…
@Exci said:
Rooted. IMO not the easiest box based on the amount of attack surfaces. Root was a lot easier than user.
How does someone get user in 8 mins? It probably took me longer than that to find a working rev shell
By organizing notes and tools.
Rooted!
User
- Don’t waste time and threads!
- Focus on the results that came from tools
Root
- A tool can #suggest it for you
Fun little ‘easy’ box for people new to HTB to learn from. I don’t know if I just spend too much time doing web challenges but I didn’t have much trouble with foothold.
My Windows local enum is so weak, so it took a while before deciding to switch to a popular script to speed up the search and as soon as I saw and recognised the Windows 101 escalation vector, I kicked myself and got SYSTEM right away
I need to do more Windows boxes!!
It must be easy to me but I couldn’t find the way. Can someone give advice with a spoiler on DM?
Anyone willing to ping me with a nudge on footholds? I’m still learning (only been doing literally any hacking for about a month, if that). I’ve done all of the enumeration I can think of and dug into pretty much all of the subdirectories. I even did some SQL enumeration for way too long. I definitely feel like I’m overthinking this and a nudge would be very helpful.
For user :
Think basic and look at your nmap.
Try to analyze the service’s functionality and understand what could be done along with what’s exposed and what’s not.
For root:
Easy privesc … use your scripts well and not much enum needed…
Have Fun!
Nice easy box, I like the foothold. I didn’t think about it in the first place and forgot about some other services running, so had some time banging my head, but overall I really enjoyed it.
Is it normal that I have all ports filtered??? This is the first time that I have faced such a problem.
just rooted: thank you @OldProgrammer for the root part.