Official Writer Discussion

Official discussion thread for Writer. Please do not post any spoilers or big hints.

Can anyone create the instance? It shows ‘Machine is not released yet’ for me.

For me it’s the same. I see the countdown in the old HTB dashboard - more than 2 hours left.

Hmm, been enumerating for hours and found… nothing!

Agreed. I have been trying some elaborate enumeration ideas and have found nothing! I would not know it was a Linux box if it wasn’t for the machine description on HTB. I see some folks have already owned it so I know it is possible.

I don’t know why I cannot ping the machine. I have changed VPN servers, recreated the instance, still no luck. What am I missing? (btw, this only happens in release arena, works normally in regular machines)

@m1r3x said:

I don’t know why I cannot ping the machine. I have changed VPN servers, recreated the instance, still no luck. What am I missing? (btw, this only happens in release arena, works normally in regular machines)

I’m getting the same issue…

@mostwantedduck said:

@m1r3x said:

I don’t know why I cannot ping the machine. I have changed VPN servers, recreated the instance, still no luck. What am I missing? (btw, this only happens in release arena, works normally in regular machines)

I’m getting the same issue…

Same same…

I had strange timeouts yesterday so I gave up, not knowing if it was HTB infrastructure or perhaps a WAF doing its job. Today I realised that my manual approach using a tool did not work, but when I dumped a file from Burp Suite and let it work with that, it seems to work. I can’t see why, but I am obviously missing something in the request. Gonna go back later and learn from it; now I at least have found something to work with.

So I feel like normally boxes don’t require brute forcing, but does anyone know if it is needed here? I feel like I’ve hit a wall otherwise, any insight is appreciated!

There is no brute forcing needed. You can try simple OWASP Top 10 attacks.

I hit a blind man with a stick and here I am still waiting while I read something h4h4

This is extremely time-consuming. I think I know what I want to exfiltrate but I don’t know where it’s stored. And it takes forever to read every byte. User in 2 hours… I am impressed.

@f1rstr3am said:

This is extremely time-consuming. I think I know what I want to exfiltrate but I don’t know where it’s stored. And it takes forever to read every byte. User in 2 hours… I am impressed.

Maybe being blind is not the right way to read files :wink:

As you have found the permission, try different ways of reading files :wink:

@f1rstr3am said:

I had strange timeouts yesterday so I gave up, not knowing if it was HTB infrastructure or perhaps a WAF doing its job. Today I realised that my manual approach using a tool did not work, but when I dumped a file from Burp Suite and let it work with that, it seems to work. I can’t see why, but I am obviously missing something in the request. Gonna go back later and learn from it; now I at least have found something to work with.

Last night I gave up scanning for anything, this morning scanning I’m finally seeing open ports!

I am trying to exploit what I found in the web code, but I get stuck on the payload. Can someone give me a hint?

@Kalimoe said:

I am trying to exploit what I found in the web code, but I get stuck on the payload. Can someone give me a hint?

If you are trying to get a foothold from this, I don’t think this is the right way.

Got user. My hint would be not to bother using the automated tool for this one. It takes far too long.

Got user but stuck on privesc. Do I have to do anything with the other vhost?

@Kevoenos said:

Got user but stuck on privesc. Do I have to do anything with the other vhost?

How did you get the user then? :slight_smile: