Official RegistryTwo Discussion

HTB Content Machines
64

me too

66

Iā€™ve finally got root on that amazing machine! I htink that was one of the best machines this year, very satisfying to pwn.
Some hints:

  • User: the road is long and hard, you need to find and configure right tools for a lot of things. be ready to code some stuff. serve first to be a client later.
  • Root: the road is pretty straightforward, but there are a lot of hurdles on the way. Move things around and look how they change after that. I had to code quite a bit here as well :slight_smile:

Kudos to the machine creator, and good luck to everyone struggling with this machine

5 Likes
67

For people struggling with using the auth token - you can use docker pull with the right settings. Google is your friend here.

68

can i dm you about shell access ?

69

im struggling with using the tokens ,i got the idea and how to use them as per ā€˜googleā€™ which is clearly easy to understand how ever i still keep getting ā€˜UNAUTHORIZEDā€™ ,can someone DM me for sanity check

70

Mind if I DM you about root? My brain is fried after finally popping user.

1 Like
71

This was definitely an insane level machineā€¦ i have some issues along the way, but finally i was able to root itā€¦ for anyone stuck feel free to drop me a PM .
PS not that much of coding is requiredā€¦

4 Likes
72

Is anyone else getting redirected to 127.0.0.1:8080 whenever they try to access a particular page using a particular method?
Iā€™m only getting redirected on the exact pages where that particular method should be working. No, Iā€™m not running a browser proxy - and I get the same result in cURL anyway.
Please DM if youā€™ve experienced the same thing or have somehow gotten past it.

73

intercept the response for this particular request and just remove the Location: 127.0.0.1:8080 before forwarding it to your browser.

74

Never mind. Rooted this bad boy.

75

Iā€™m open providing hints, but I will not walk anyone through the box. Let me know where youā€™re at and Iā€™ll nudge from there.

:exploding_head:

1 Like
76

Does the re******ure page have any value or a rabbit hole?

77

This machine is too crazy. I am starting to doubt the meaning of life.

5 Likes
78

its a small step in the right direction in this long journey :slight_smile:

1 Like
79

Delete.

80

Hit me up with a DM, I can nudge a bit, but I still havenā€™t finished it myselfā€¦

81

From user to root, something in rā€¦y.jar ?

2 Likes
82

If it gives anyone hope about the coding thing, I coded next to nothing for this box. Thereā€™s plenty of tools that do 99% of the work for you with minimal adjustments.

2 Likes
83

I had the path but i couldnā€™t make the tool work ! everyone has my same problem? i m so unlucky

84

I guess it depends what tool youā€™re using. I had lots of issues along the way.