Official Search Discussion

Official discussion thread for Search. Please do not post any spoilers or big hints.

Hi, has anyone received “incorrect user flag”? however the file is correct.

Also incorrect root.txt flag. What appends exactly?

ROOTED :wink:

I’d say I spent 15 hours on that one total ^^very nice one, kudos to @dmw0ng ^^

I could not get a final reverse shell though on the very last step and I’m wondering why it’s not working, if someone wants to talk about it?


Look carefully in the website…
…And then go straight to LDAP enumeration


A nice road trip from users to users but if you follow your LDAP enumeration routines and use bloodhound, it’s pretty straight forward
Just a tip: if you encounter a cert, try to use it in your browser ^^


You have everything under your eyes from the beginning in bloodhound already

And as always… PM if stucked, but with detailed steps of where you are and what you did already
Enjoy HTB!


really cute box. Rooted!

10/10 real - life environment fyi all

if you need help just dm.

i got usernames form the website is that enough or there is more on the website

i have got usernames list and i tried aseproasting still no luck any hints?

There is more :wink:

Real fun and surprisingly easy box.
Found two different ways to root.
Didn’t even need a revshell :man_shrugging:

Regarding @clure’s hint on the cert, I had to use a windows machine to get it working. May have been an issue on my end as I’m using a Mac

I’m also having issues with the flags saying that they are incorrect. I’ve even tried resetting the machine. What is the problem here?

Great box, realistic. If you treat it like a real engagement it will be straight forward. Kudos to the creator and @clure for the tips (pay close attention to them)!

1 Like

Just finished Active and Sizzle, still cannot seem to get a foothold here. Confirmed valid usernames but everything is coming back off after that. Exploits after that are patched or disabled. I like it, but wow is it hard

Just take a detailed look at the website

oh geeze lol. I just found it. I must have skipped over that clue 100 times.

1 Like

Just got root.txt but could not get a proper shell. As anyone succeeded ? If so, I could use some feedback.
Really Cool box.

I’m going through the accidental skipping right now…kind of annoying tbh! :face_with_raised_eyebrow:

Got root., amazing machine took a few hours, but a lot of fun.
Analize the web will save you a lot of time.

if you need help send a dm.