Yeah I was a bit mad when I wrote my previous message, sorry about that. I still think the hassle you have to go through is huge compared to what you get from it. I was doing the box with a mate and he had to give me the tiny piece of information necessary to go further. I didn’t want to go through the pain of shooting up another VM just for that…
So, that’s actually an easy box, but it can be very frustrating and confusing if you’re running anything else than Ubuntu it seems x)
Anyway, thanks !
1 Like
Thanks camk I spent Ages trying to get **b*x working on Kali or Parriot to no avail, saw your comment spun up ubuntu and got it sorted in no time, thanks dude 
1 Like
Anyone able to offer help using genymotion? Able to capture the traffic but it’s bypassing the HTB VPN and don’t fancy going through the hassle of connecting it to a VPN if I can avoid it.
I don’t know if it’s specific to my Kali VM, but when I access pages for this machine via my browser, everything hangs. I don’t have this issue on other machines, nor do I when not connected to the VPN.
My only guess is that it’s choking when grabbing fonts and such from Google’s CDN (presumably over the VPN), as my troubleshooting leads to nothing else. I’ve had to give up on the machine for that alone since I can’t really even do anything. Is this an issue others have had?
For anyone else using Kali’s VM version with the default settings having issues getting A***DDK to let you virtualize an instance to run the **k, I spun this up a week ago and ended up banging my head against the wall for days before I realized:
In VMWare WS 16.x, if you just import the machine without changing the compatibility setting from VMWare 8.x to 16.x, you won’t even have the option under VM settings to enable Virtualization until you click the ‘upgrade this machine’ option.
Hope my being an idiot can save someone else some frustration.
Anyone facing the problem of unable to connect to the server while checking the status of the apk on genymotion ?
adb root
restarting adbd as root
timeout expired while waiting for device
did you meet this problem ?
1 Like
adb root
restarting adbd as root
timeout expired while waiting for device
and to make adb remount i have to adb root first
Don’t loose time. It simply doesn’t work. adb root works with an old image version, but without reboot it’s useless. Unsquashfs the image, put your file and squashfs again.
Rooted! Enjoyed this one.
I used Android Studio, and Wireshark. Nothing crazy, just make sure the Android OS you’re using is not the latest, I had to go back several version before things started to click. I added the A record into my pihole dns with the machine’s IP.
I spent a lot of time trying to get reverse shells working in every which way, until I realized the first thing i tried would have worked perfectly fine if someone else wasn’t messing with the machine. Ran into other people messing me up and getting kicked off a few times.
For root I did what every one else did – basic enumeration script – and went down the CVE list it gave me one by one. The second one on the list worked instantly.
Thanks, all! On to the next one.
For those who are still struggling to get an android running, as I was trying for a few days, I managed to get it working with the following:
Host Windows 10 - Running Virtual Box
Android 8.1 with GenieMotion the Host with NAT
Kali with 2 adapters (Nat and Host Only)
VPN to HTB on Kali VM.
If this is too much info, remove this post. I am putting this as I spent over 90% of the time trying to get the setup to run, and not actually looking for things.
Cheers all, if anyone needs a nudge PM me.
1 Like
for those who are just looking for spoilers with a walkthrough of the machine, just look on google for one off the rsa public keys showed by nmap and you will see what you are looking for
Rooted.
Can someone please tell me if this box is also vuln to p-n-1t? It’s the first CVE that lin–as gave me. But it didn’t work. The second one worked tho. But I just wondered if this box shouldnt also be vuln to the first one.
Please dm me, I’m really interested, even though I rooted already.
So pethaps my brain is wrong but i must be missing some step here:
I have AxxBxx up and running and have the APK installed
(I am thus far never been able to get the connection confirmed)
I have set the emulator to use tun0 (i suppose) using adb to set the http_proxy
I have added routerspacd.htb to /etc/hosts.
I can see the request in Burp and Wireshark, but I’m not connecting. Clealry I’ve zigged and not zagged
What about just configuring your Android emulates system’s Wifi to use the Burp’s proxy. That is how i did it and it worked perfectly, even without add the DNS name to the hosts file
1 Like
finally rooted
if anyone have problem on genymotion vm with app like “cant access to server” use older android version. (thx @ARZ101 )
Mixed feelings about this box. Found the setup for the initial foothold super frustrating in a VM, otherwise it’s a very easy box.
Thanks to the box creator for taking the time.
Solved it in the end statically, with some luck.
But I couldn’t get A*****d S****o to work with B**p S***e on Windows. Tried everything I could think of, eventually I could visit the domain in the Chrome Browser fine, but it kept saying connection failed on the a**. Even HTTPS was working in the browser, even though I don’t think it was needed for this challenge.
If anyone got it working with the two program I wrote at the start I would love to hear how you got it to work in DM. That would help me a lot with similar challenges in the future because the workflow with the two is very nice.
I agree with @redrom01. The apk does not run on the latest SDK versions. Try different (older) versions of SDK and it should do the trick.
Hey guys,
I am having trouble with the capture of the request in Burp. I am using Geny and was able to fix the “Unable to connect to the server” error. Now, I receive the “Hey” message about the router being Ok, but the only request I got in Burp is a POST for /touch_events with no useful information.
Has anyone have a similar issue to give me a hint? Setting up the environment until this point it has taken a lot of time, lol.
Pepe