Official Rebound Discussion

Official discussion thread for Rebound. Please do not post any spoilers or big hints.

Alright my first insane box. This is rated harder than cybermonday but hopefully it’ll be an easier time than that one was. Good Luck everyone!

1 Like

Good luck everyone!

Found a username and a hash :smiley:

1 Like

Same but can’t seem to crack it. hashcat just exhausts rockyou with nothing found

Hack the Universe!

Users, hashes… a few ideas but nothing working thus far

I think this is a custom combination…

Anyone know if brute forcing the hash is a rabbit hole? Does it require a custom wordlist / rule set?

At this point I am unable to crack it

i tried allready 2 différents rules…this is the same …i think we have to think more simple or more harder…

I got a username, but not sure how to move forward from here, any nudges? I was not able to retrieve any hashes

Found a bunch of user names, that hash I’m sure everyone’s referring to, a password, and did some basic AD enumeration. Still working on a foothold, but at least I have insight to AD.

The hash, yes, everybody is referring to, seems uncrackable.

An isane machine indeed managed to get users and a hash for one user , now failing to crack the hash, tried a lot of tricks

Guys, please any hint I’m stuck after finding about Shared and can’t exploit ldap. Any hint please?

Who has the “Magic”’ dictionary to crack the hash of j****s XD ?

there is another user who’s hash can be cracked, besides the one everyone is talking about. keep looking.


Anyone else gets the error of “Clock skew is too great”?

ldapsearch is giving me this error after running this command
command: ldapsearch -x -H ldap:// -LLL -b dc=rebound,dc=htb “(objectClass=simpleSecurityObject)” dn
error: Operations error (1)
Additional information: 000004DC: LdapErr: DSID-0C090ACD, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v4563

Time synchronization.