Finally got user after 4 days thank you to all those that helped me
1 Like
Hello, Iâve found three subs and some information from smtp enum. Can anyone give me some hints?
Can somebody call Jim Carrey from Bruce Almighty so he can help me get root my god!!!
hey, can anyone give me a nudge for finding the last domain none of my prefixes seem to be landing 
Thank you for this!! Been Stuck on finding the correct method for the L** and this helped 
I assume the bootstrap plug is some form of âfunnyâ cross marketing?
Hi All
Did anyone find âtrick.htbâ through enumeration, or was it assumed?
Thank you.
Update: the server name can be enumerated using dig command. My bad.
You can deduct it when you observe that there is a DNS.
A DNS needs a main domain at the time of configuration.
1 Like
Still canât find more than one subdomain⌠can anyone DM me some hints please?
Thank you @Nevuer for the hint - very much appreciated.
1 Like
if youâre still looking for the subdomains, hacktricksâs article on dns is only going to get you so far. you need to fuzz to go further. think about the subdomain p*****-p******.trick.htb and think about an organization. the second p-word in the subdomain is interchangable when you think about a large organization.
1 Like
Alright, so I am pretty new to HTB, and upon my initial nmap scans I saw there was something up with debian.localdomain and the port 53 dns. I am confused on how to get a domain for dig and DNS enumeration if all I have is an IP, and setting up my /etc/hosts with the IP doesnt let me do anything with gobuster dns or anything, so I am very lostâŚ
As far as i have been aware I need a domain name to enumerate DNS and am stuck with that part because all I have is the IP addressâŚ
Hi everyone, i get d*.*n domain, is the right way? I canât properly enum dns server. Someone can dm me for a little hint?
no need to fuzz for subdomains. dns enumeration gives out one. later local configuration file gives the other.
2 Likes
DNS enumeration will give what you need
This will help you a lot â 53 - Pentesting DNS - HackTricks
Done! First box Iâve tried on HTB, definitely a fun one. Thanks for the couple of initial hints!
you can dm me for a nudge about dns
finally rooted, learn a few things and it was a good experince.
for root donât think to much itâs quite easy just use google.
thanks to NeverHackMe for the help, much appreciated
1 Like
rooted.
Initial Access: Its tough to walk away from rabbit holes when you have convinced yourself that you are inches away from the way in. This is why we need the forums. I know this isnt new to anyone here, but find all subdomains. Once you are on the right track, use the L** vulnerability. Remember with payload filters, its hard for defenders to filter all of them. Its important to Payload All The Things. Once you succeed, find a file that can let you in.
Priv Esc: This was straight forward to me. Enumerate your userâs permissions in the most basic way possible. Get a basic understanding of the tool in question.
DM me for more nudges.
1 Like
restart the box. i had to restart also.