I’m still unable to crack the hash. That emoji keeps displaying in the text file and I think that’s the issue. Tho, John could crack my own password from the same DB… I don’t know why it doesn’t work with the target’s user… Is there a way to get rid of that emoji and have some text in place of it ?
@Ob1lan said:
> I’m still unable to crack the hash. That emoji keeps displaying in the text file and I think that’s the issue. Tho, John could crack my own password from the same DB… I don’t know why it doesn’t work with the target’s user… Is there a way to get rid of that emoji and have some text in place of it ?
Rooted. As for the hash, I had to use hashcat from somewhere else, in my Kali VM it didn’t work… Nice box tho
Rooted. Big shout-out to @RawkStar as I was overthinking and he helped me get my way in.
Hints:
Foothold: browsers can sometimes be liars. Don’t rely solely on them and try using something that b*rps to be able to actually read stuff. After that, maybe you can add something to the application, but remember: content is important.
User1: understanding how the application works is key. For that, you gonna have to read lots of files. After you’ve found the entry point, don’t trust the output. Try harder, but stay simple.
User2: as there has been a long discussion so far about it, you already know that you gotta get something cracked. Don’t worry, sometimes Mr. John and his Cat can be quite weird, but they’re definitely the way to go. You’re gonna be rocking it in no time.
Root: as people said before, you’re gonna have to create your own path and hijack your way to root.
Anyone else facing the problem to connect via S** after entering PW nothing happens?
edit: fixed with upgrading shell
Pretty cool box @m4lwhere !
PrivEsc was straightforward, foothold was more like “medium” in my opinion.
@riceman said:
This was fun! Really solid easy machine that keeps it simple without feeling like things were intentionally misconfigured. I think this is one of the more realistic-feeling machines on HackTheBox.
There are potentially some unicode issues depending on your environment, so google around a little to resolve them.
I > @T0K10 said:
> Rooted. Big shout-out to @RawkStar as I was overthinking and he helped me get my way in.
> Hints:
> Foothold: browsers can sometimes be liars. Don’t rely solely on them and try using something that b*rps to be able to actually read stuff. After that, maybe you can add something to the application, but remember: content is important.
> User1: understanding how the application works is key. For that, you gonna have to read lots of files. After you’ve found the entry point, don’t trust the output. Try harder, but stay simple.
> User2: as there has been a long discussion so far about it, you already know that you gotta get something cracked. Don’t worry, sometimes Mr. John and his Cat can be quite weird, but they’re definitely the way to go. You’re gonna be rocking it in no time.
> Root: as people said before, you’re gonna have to create your own path and hijack your way to root.
Congrats!
@KODAkusH said:
> Hello guys, I’m completely new to this and this is my first release arena.
> I’ve tried some unsuccessful brute-forcing and reading some previous comments it seems that I was way off haha lol. I’ve played around with the “orange guy” but still no idea what to look for, if anyone can DM me some nudges/advice on what to study/research more about, it would be really appreciated;
How To Get Low User…?
@psfauzi said:
> @KODAkusH said:
> > (Quote)
> How To Get Low User…?
Examine the code found in the zip file
absolutely overthinking root, i’m stuck & need a hint/nudge. does it involve modifying the special script file next to the snake in any way? or am i on the wrong path?
edit: rooted, now i get all the previous hints abt root lol. the answer was in front of me this whole time.
Wow, that was fun for a beginner like me.
Like others, Mr john was not playing along, but after I told him about the format of the game, he played well.
Again, like others, I completely overthought the root task and the hints here in the forum! You can be quite literal when reading the hints about that one.
@m4lwhere said:
> Hello everyone! This is my first box for the platform, I hope you enjoy it!
Awesome box. Fun and useful without being overly complicated. Thank you for sharing this with the community.
@tang0 said:
> Ok so rockyou didn’t work with john but it worked with hashcat. Did anyone else face the same issue? If yes, what might be the reason?
It worked with John for me.
T0K10’s summary was excellent.
Only thing I have to add is that the hash for me needed to be done in Windows, it would not work in Kali.
Spoiler Removed
The ? is important. You won’t crack the hash without it.
@m4lwhere said:
> Hello everyone! This is my first box for the platform, I hope you enjoy it!
Good work!
This was a nice easy box that I had to learn a new trick to solve. Thanks!
@tang0 said:
> Well rocking the hash doesn’t work and my method is fine because my own user’s (known) hash cracks instantly so the format and everything is correct. Do i need to go digging in the Seclists to find that special wordlist that the creator had in mind?
I had the same issue too but the answer is in your face if you use john. it gives a warning and a suggestion to fix it.
Rooted! Really nice box. I enjoyed it thoroughly! However, I’ve been wondering how b**p can show the webpages that are inaccessible through the web browser due to redirection. Can anyone DM me on why b**p can view the content of those pages and send P**T req****s also?
@hadrian3689 said:
> Rooted!
> A fun box. You learn a lot.
> Hints:
> Foothold:
> This box reminded me of IppSec’s video on the Bank box. You got to talk to the postman AND just cause you can’t see it, it doesn’t mean it’s not happening.
> User:
> Just some classic enumeration. If it’s taking too long then you are on the right track. No need to take the salt off the table.
> Root:
> What’s today’s date? Can’t forget to Paint All The Homes
> Hope I didn’t spoil too much. If you didn’t find these helpful, feel free to DM me. Good luck to all.
Funny I didn’t do it on the date
Finally rooted!
Foothold was a bit complex for an easy challenge, the encoding for the first user did not work at first for me (used an online Encoder which produced a nasty result) - make sure to use the right URL Encoding ;). For anything else, source code should tell you where to start.
Root was very nice - quite a common vulnerability which is very often not considered when things are implemented and definitely something that appears in the real world!
@garlicgeorge I am not sure that it has something to do with Burp - I would guess that normal browsers follow the redirect and simply throw away the additional data, but curl or other tools simply display the entire output without following the changed location header.
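The behaviour discussed in the last reply, a redirect response that still carries the page body which a browser then discards, can be checked for from the defender's side. The following is an added example, not part of the thread or the box: the handler, page content, `/login` target and the 64-byte stub threshold are all constructed assumptions.

```python
# Added example: audit raw HTTP responses for redirects that still carry
# page content. All names and sample data here are constructed.

STUB_LIMIT = 64  # assumption: a legitimate 3xx body is at most a short stub

# Constructed stand-in for a page that should require a session.
PAGE = (b"<html><h1>Accounts</h1><table>"
        b"<tr><td>alice</td><td>admin</td></tr>"
        b"<tr><td>bob</td><td>user</td></tr></table></html>")

def build(status, reason, headers, body):
    """Serialize a minimal HTTP/1.1 response."""
    lines = [f"HTTP/1.1 {status} {reason}"]
    lines += [f"{k}: {v}" for k, v in headers.items()]
    lines.append(f"Content-Length: {len(body)}")
    return "\r\n".join(lines).encode() + b"\r\n\r\n" + body

def handle(authenticated, stop_after_redirect):
    """Hypothetical page handler: redirects anonymous users to /login."""
    if authenticated:
        return build(200, "OK", {}, PAGE)
    redirect = {"Location": "/login"}
    if stop_after_redirect:
        # Hardened: processing ends once the redirect is issued.
        return build(302, "Found", redirect, b"")
    # Flawed: the redirect header is set but the page is rendered anyway.
    return build(302, "Found", redirect, PAGE)

def parse_response(raw):
    """Split a raw response into (status code, lower-cased headers, body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    status_line, _, header_block = head.partition(b"\r\n")
    headers = {}
    for line in header_block.split(b"\r\n"):
        name, sep, value = line.partition(b":")
        if sep:
            headers[name.strip().lower().decode()] = value.strip().decode()
    return int(status_line.split()[1]), headers, body

def leaks_behind_redirect(raw):
    """True when a 3xx response with a Location header has a sizeable body."""
    status, headers, body = parse_response(raw)
    is_redirect = 300 <= status < 400 and "location" in headers
    return is_redirect and len(body.strip()) > STUB_LIMIT
```

Running `leaks_behind_redirect` over responses captured by a proxy or test suite flags pages where the server kept rendering after issuing the redirect; the fix is to stop request processing at that point.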