I am trying to get the netcat listener to work but all I get is a blank space. It connects to the port I used for the listener, but I can not do anything with it. All that happens when I type a command is it exits the listener and brings me back to terminal command line. Anyone have any ideas on how to fix this?
use another type of revershell or send dm bro : )
very fun box, feel like thanos pulling his power glove at the end, so many way to crash all down and get root 
Thks to @FroggieDrinks for your wise advices like usual you’re the best man biiig respect to you
2 Likes
Interesting machine. If you know your linux, you will know what to do to evade the script’s checks for root. If not, i suggest asking ChatJippity
this was incredibly fun! Had to come here for a few hints but that was awesome
finally rooted. root was much simpler than I thought initially
Anyone recommend a wordlist for fuzzing subdomains? Having no luck with what is provided
If youre using Kali/pwnbox you should have seclist already if you dont then get seclist payloads from github. Use seclist/Discovery/DNS/subdomains-top1million-110000.txt I believe thats what i used to find it.
https://github.com/danielmiessler/SecLists/blob/master/Discovery/DNS/subdomains-top1million-110000.txt
Can anyone help me, i can’t ssh into it, I’m getting stuck on
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
I read that it might be an issue with openvpn, but I’m wondering if anyone had similiar issues and knows how to fix this? I’m using kali wsl2 as root if that’s important.
nvm solved it on pwnbox
Easy one, but had a lot of fun with the root flag. I’ll share my experience:
Foothold: just basic enumeration and search did the work;
User: explore the application thoroughly, and you’ll find interesting information;
Root: you may not have authority outside of your home, but it doesn’t mean you’re not allowed to take shortcuts.
Hi guys !
Just rooted the box and it’s a pretty nice box actually.
I was just wandering how was the reset.sh file executed every x minutes without being inside cron ? I’ve check cron and it is not in there. Maybe it’s a daemon that’s running it ?
do you guys know why i cant access the ip(10.10.11.23) on my browser? i also trying to access the http://permx.htb and got no response. but when i ping that ip, it shown that 0% packet loss mean all packets were transmitted succesfully
Are you using Linux!? Have you populated your ‘hosts’ file?
Thank you all for the assistance and I appreciate any questions that I asked were responded to with answers, this was my first box I attempted to pwn and I really wanted to get it before going to sleep, I have learned a lot and definitely have a lot of clarity on what to do for my next box! Cheers! 
Is it just me or is the server very very very slow ? I am waiting for my requests way too long
did you edit your hosts file?