Official Outdated Discussion

system · August 13, 2022, 3:00pm

Official discussion thread for Outdated. Please do not post any spoilers or big hints.

JacobE · August 13, 2022, 8:13pm

I got root. But this cannot be the intended path right? HTB might want to patch the machine

mathys · August 13, 2022, 10:34pm

Ye same They’ll probably fix it in the next days

ARZ101 · August 14, 2022, 12:42pm

Any nudge for intended ? It seems that I can get a callback but no idea where to go next as it doesn’t do something on a certain part

MrMidnight53 · August 14, 2022, 2:25pm

im also stuck on user. I do think im on the right path tho

ramshu · August 14, 2022, 5:40pm

I think there will be a quick patch for the box

MrMidnight53 · August 14, 2022, 6:55pm

its already patched i guess

ramshu · August 15, 2022, 5:13am

Not yet

meowmeowattack · August 16, 2022, 8:41am

user flag:

something good is shared
the share shows an address and a list of to-try
one of the to-try leads you to your office, where you need to write some doc
share your doc via a link to the support team, so that the team will give you the access
note that the mail checking part appears to be unstable, if no callback, reset your machine and try again
you are in the host, take your dog for a walk
learnt that you can give another user a password to access
gain that user’s ticket via the password you provided
be the other user via the hash

root flag (first got root via unintended way, the following is a summary on the intended way):

there is security update server and the reg values confirm it’s exploitable
sharpen your wsus to exploit
the tool is not compiled, so either compile it by yourself or decompress it from one that’s already compiled (need to do some search online)
the rest is pretty straightforward, payloadsallthethings has the instruction given

XmesutX · August 16, 2022, 1:29pm

Can anyone help about callback stuff?

YairB · August 16, 2022, 10:09pm

Someone can help? I send an email to the staff (i*su*****@…) and I think something doesn’t work…

shox161 · August 17, 2022, 4:20pm

I tried resetting my machine multiple times on different days. Tried switching to a different server and it finally worked.

Hack3rbot · August 18, 2022, 11:50am

Spoilers should not be posted on the forum.

@HacktheBox

meowmeowattack · August 18, 2022, 8:53pm

hi there, which lines do you consider a spoiler, i can either remove or obfuscate.

Hack3rbot · August 19, 2022, 4:12am

Well. All of them. Its pretty clear what todo and what to exploit and which order.

Its is a nice writeup

meowmeowattack · August 22, 2022, 4:00am

thanks

@hackthebox, please remove “All of them”, thanks

southwind · August 23, 2022, 5:16pm

I"m stuck finding a binary/executable for a well known tool (W******.exe). Any help will be very much appreciated.

g3ner4l · August 23, 2022, 5:42pm

You would have to compile yourself.

southwind · August 23, 2022, 6:06pm

Thank you!

meowmeowattack · August 23, 2022, 9:35pm

you can do some searches online, there is someone who compiled all the windows AD exploits binaries and converted them to use in powershell. all the binaries are gzip and base64 encoded. so the powershell part will just decoding it and decompress it. you can extract all the windows binaries that way. P____S____Pack

Topic		Replies	Views
Official Moderators Discussion Machines	12	2470	October 17, 2022
Do people patch machines just to f$%& with noobs? Machines beginner	4	725	February 29, 2020
Official Derailed Discussion Machines	15	2811	July 7, 2023
Official Resource Discussion Machines	156	4494	November 23, 2024
Official Flight Discussion Machines	70	5460	May 7, 2023

Official Outdated Discussion

Related topics