me too
hope you are doing well,I just want to ask you about priv esclation for this machine, got stuck I run a lot of automated tools but seems I canât see anything clear, could you help me to point my gun, have seen all the comments and tried to enumerate a lot of things , tried also several CVE but no luck, dm me or reply me thanks
update : Finally I did really learnt so much from this âââeasyâââ box lol, keep going and thanks for the best hacking community hackthebox is the greatest thanks a lot guys
Iâm having the same problem, I always get a TypeError.
Canât figure out where the issue is. Can someone give me a nudge?
This one makes me mad. I quickly managed to communicate with the strange port with different tools. I also managed to send the token but I donât know what to do with the two messages: âWill update soon.â and âA⌠WorkinâŚâ. I also managed to connect with the user âA****â but it doesnât seem to lead me further. I have tried command injections without success. I tested with three different tools, one of which allowed me to use Burp to intercept the requests but it didnât help meâŚ
Can anyone help or pm me please?
Thank you!
1 Like
same situation here. This box is making me furious lol.
Try to think about what happens behind the scenes. What is this id parameter, how it may be used? What is most likely to be used as the backend to store and retrieve data? What vulnerability is common to that kind of service?
I think answering those questions will help you to find the way to user.
3 Likes
Got user! Thank you all, I donât know why I was so desperate to get something directly from the tools to communicate with g***, forgetting the basicsâŚ
For those who are stuck at this stage. If you have reached this stage it means that you are able to communicate with the service correctly, so now remember the basic web attacks. Think simpleâŚ
1 Like
Rooted!
Thanks to @ForP44 for the nudge regarding the TypeError. After solving that, it was a breeze.
I am stuck, am I in the wrong way?
i am connecting the weird port with curl (âhttp2-prior-knowledge) and sending POST requests with te: trailers. But cannot go further.
If anyone needs some help, feel free to DM me I will get back to you eventually.
This was extremely interesting foothold for me, learnt a ton.
I struggled a bit with root for some reason even though it was pretty straightforward.
Thanks to @Dark0x3 and @lim8en1 for hints
1 Like
rooted again
the intended way this time
Itâs a nice box. Itâs not that often thereâs no http server but a âweird esotericâ service instead.
I learnt new valuable things 
going for some âbeyond rootâ now
1 Like
I managed to interact with the service, so I know which parameter is injectable. However Iâm experiencing difficulties in using sql ***, someone willing to help me in dm, I just need a little advice thank you very much.
ofc Im kidding lol
I have Managed to find admin password from database. But I canât login to sshâŚ
Anyone please help me
Donât login as admin
then what should i do?
ssh using the other username and password
what are you sauying?
2 Likes
that admin is not the only user
After like 3 days rooted, user is not so easy for me. Send me DM if need help!
And thanks all the people who helped! 
1 Like