What tool are you referring to?
Care to elaborate in DM?
I canāt seem to get a foot hold on the machineā¦ Any help guys ?
1 Like
super fun box, first one I completed without a walk through! was a blast finally getting it working! Thanks for making it!
2 Likes
Very fun box!
I am within my first year learning and this box really tested my knowledge of the basic fundamentals.
Great feeling once you get rootā¦
many thanks @secnigma
I look forward to your next challenge
1 Like
I really enjoyed this box, kinda makes me want to start watching the office now
1 Like
Can anyone pm me for a nudge? Iām kinda stuck and dont know where to go.
i managed to get *. but firefox just says webserver not found
even after adding ip.ip.ip.ip paper.htb to /etc/hosts and trying *..htb and *. it still does not work, anyone knows why?
didnt work for me for some odd reason
This is my first box and Iām fairly stuck at this point. I did the initial service scans got the info required to get to the actual page. Enumerated that site as well as visited the site and read a lot of clues on where to get more information Iām just at a loss on how to get to where that information is. I feel like Iām in jail and canāt get out until I talk to an inmate. I just donāt know how to talk to him. Any nudges would help.
check same stuff in headers. btw, why paper.htb?
try to DM somebody if you canāt write in group
gotta address the inmate directly and on the exact terms he lays out for you
Thanks for the tip. I have addressed the inmate and into the chat now. just trying to figure out if I can reverse shell from there or something like that. Iām pretty new to this so it is taking me a while 
1 Like
will not reverse shell
you must find credentials
2 Likes
For anyone struggling with root, make sure you use the version of linpeas from 5 days ago. The one updated today (2/9) doesnāt find what weāre looking for.
5 Likes
Oh. Thatās how I got the user flagā¦ I guess I did something wrong.
Very funny box 
Thanks @secnigma ! I donāt feel the pain 
Foothold : donāt listen to comments saying to use all the recon tools you know. The catch is just in front of your eyes with a special header giving you the next virtual server
User : The bot is rubbish 
See a special hidden file that gives you the necessary to connect to the other service showed by nmap.
Root : The easy CVE is working. Iām looking for the complicated one.
Iām not able to post the flags. Did anyone encounter that problem?
2 Likes
Also liked that one 
Thanks @secnigma ^^
Pretty nice and easy box to root (especially the privesc)
User is a 3 steps process but all steps chains nicely
1 Like
I tried paper too
Really liked the box! Great job @secnigma! This is the one I will always remember as the first one I did without a bit of cheating. Skill improvement. =)
Funny thing is, that I was able to finish it without any tools or scripts, with exception to a little Burping in the beginning.
Thanks again for the box and the work on it!
If someone needs help, send me a DM.
Cheers!
3 Likes