I did got the foothold. It’s not even that hard (could maybe be medium even, though I haven’t tried the privesc just yet) just rtfm and google around. It’s a little frustrating that it didn’t work right but if you’re having issues just reset it a few times or wait I guess, lol.
I solved the 500 by going to Login :: Hack The Box :: Penetration Testing Labs, the old site, and starting an instance from the “all machines” page instead of using the app vhost and launching it in release arena.
As for getting the foothold and user: figure out what you can control, figure out what your limitations are, establish something that works. One thing leads to the next, so don’t go off in a totally different direction if you get stuck. This machine really points you where you need to go, which is nice; I’ve enjoyed this one a lot.
I think this box is what covid came from…
lol thanks @infosecjack this mother was a monster but you hit my itch and I hardly slept since release. mmmm that got root bed time vibez!
if they had to throw 500 internal server error all over, what is the benefit of box being inside release arena. if i solve this box, am gonna give it the lowest score for sure.
sometimes that 500 is a bad cookie or something.
No, there is definitely an issue with the box.
Deleting the cookie from your browser helped me resolve 500 errors. Resetting does not seem to help
maybe there was an issue on the backend sending the response object. it’s something totally unrelated to request cookie, and only manifesting in release arena. trust us guys we’re not crazy lol. maybe it was resolved by now or ephemeral, idk i already finished this box.
got root. Dm if need help with steps you did.
Rooted right now. Really a nice a machine!!
For 500 response errors, delete your cookies, if you have deleted them restart the machine.
User: don’t overthink it is all in front of you, be sure to look on all pages available. If you know how it is built you can control it. Don’t trust your eyes and trust what have you seen until now. Fight your limits, the backend technology provides you all the the bricks you need.
Root: it is not too different, think to what the server evaluate…
DM me if you need hints.
one of the best box i played recently, excellent to explore this kind of vulnerability.
Amazing box, really enjoyed playing with the payloads
Oh dear…seems like an epic fail on enum for me. I only see a small number of endpoints and have tried the usual attacks on them but not getting anywhere. Gobuster turned up nothing that I couldn’t get with manual review - any nudge for what I’m missing?
Foothold/user: analyze carefully what is in front of you. A specific issue will allow you to do nice stuff that will help you “secretly” recover something. Iterate this issue and finally you’ll land on target.
Root: enumeration is key, once you uncover something look beyond what you see. Analyze everything something odd should not be “allowed”! For me this was the first time I used this kind of scenario within HTB so it was cool to learn something new.
Thanks for the box!
Rooted. User part was new to me. Root was a bit easy or I would say straightforward
Nice box. Learned a lot.
Phew! What a box, what a thrill, what a ride!!!
It took me a LONG time to exploit this box. Foothold, user and root were completely new to me. Thanks a bunch to the creator of this box - I enjoyed it a lot!!
No new hints from me, reading through previous posts should give you all you need.
DM for hints!
Just rooted. Really great box, learned a lot. DM me if you need some help.
I am stuck with privesc , any hints?