Official Paper Discussion

Yeah… finally found the bot and now the box is unreachable when I ping it :confused:

Same, getting “server not found”

Awesome box so far!

User:

  1. I wonder what headers the server is sending back.
  2. Read the comments, find the exploit.
  3. If your injections fail, think about what you CAN do. Maybe you should get one-eye to know himself a bit better?

Root:

  1. Enumerate enumerate enumerate. Pretty straightforward!

Yeah finally, got stuck too many times :frowning:

Foothold:
Did you really read/look at all of the output you got?

User:
Thanks to @Nixsploit, definitely use an API-Key for the tool and you will get what to do :slight_smile:

root:
A something something that prints you out 4000+ lines of enumeration tells you pretty straightforwardly what to do. (If sec****a doesn’t work, try out boris.)

never mind me, I figured it out. Lesson learnt.

Would be helpful if somebody can pm about an issue I’m having. I’ve already gained system access but now when I go to upgrade shells with “stty raw -echo; fg” my session in terminal becomes completely unresponsive. I can see my NC listener session that I paused to upgrade the shell but when I input the command my terminal refuses to respond and I’m forced to manually close it.

Same password as for r-c—ops :slight_smile:

Got user flag. Have been stuck quite a lot and wouldn’t have done it without the help of this forum.

About to get root hopefully.

// Now content that might be distracting for people trying to get user flag / maybe not:
Can you guys tell me: I once was able to log in to c–t as r-c—ops and I got the message that I’m not allowed to log in. But still I had access to the full c–t with the user list and I even saw other HTB users’ accounts that were logged in. Is that in any way intended??? @secnigma maybe?

// Edit:
While the above question bothers me still, I have rooted the box.

What made me struggle with root: Make sure to really read and understand the instructions of the exploit you’re using …

Thank you for the box secnigma, really enjoyed it!

User flag: keep on talking and look for all the files you can access
Root: PEASS is your friend :slight_smile:

Hello there,
Sorry about the late reply.
If you are able to login to c–t as r-c—ops, then that is definitely unintended and it is most probably a glitch in the r—tc–t application.

Hi @secnigma, I’m getting the following error when I try to access the c*** website.

“Firefox can’t establish a connection to the server at ws://c***/sockjs/451/jgd4_u84/websocket”

Tried with Parrot, Kali and also with Chrome, but no way to load the c*** page.

how added to hosts?

The problem is not that, the page starts loading, I can even see the .ico and some technologies with Wappalyzer. But it cannot load the page at all, idk if it’s just for me…

Listen to the wizard…

Thanks @secnigma, this was a fun and educational box!

For both initial foothold and privesc you just need to do the right kind of enumeration. After that, just follow the bread crumbs. As a result of this box, I added a new item in my Linux privesc enumeration checklist. DM me if you would like any nudges.

Sorry about the late reply.
You should enumerate a little deeper, instead of guessing blindly.
If you are still stuck, you could try the HTB discord or DM someone here.

Hi, the secret page is not loading properly; I’m receiving an empty page. Any help, please?
Added both *** to the hosts file.

same issue here

Just rooted the machine, took me a little to get the trick for foothold. Nice work @secnigma, I had a lot of fun!
Cheers!

I managed to finally get the user.txt from d****t’s homedir but it’s not accepted at htb, anyone else had this issue?

Tried a reset and that didn’t help either.