Olympus

little stuck i believe the initial vector is through x____g. when i send the custom X___G_S____N_S___T with the header i see a syn packet back in tcpdump but nothing on nc with -lvvp flag on port 9XXX not sure what im doing wrong .if anyone can PM me to point me to some resources i can read that would be great p.s im not after the answer just a hint to guide me in the right direction

@doom71 said:
Still in Crete. I think I am on the right track, but always getting Exploit completed, but no session was created. Some help would be appreciated.

Are you using the right exploit? I had similar issues, just changing the type from TCP type VPN to UDP did the trick for me.

The information provided from “Athena” renders me clueless, what is this combination of integers suppose to mean? I’m assuming it’s some old communication protocol.

#EDIT ROOTED

This box is really a ride, can’t really decide with myself if i like the puzzles or not. Especially from Rhodes to Hades, the techniques used to “open the portal” is something i have never heard of before. Knock Knock ! Feel free to PM if you need any hints

ROOTED! This was THE BEST machine ever! @OscarAkaElvis I’m not sure if i rooted the way i was supposed to, if you’re interested just DM me.

Hey guys,

I’ve been running around on this for a couple of days now. I have decrypted the cap file. I have the username and what I believe is the password. I am trying to connect to rhodes I believe but I have no clue if I am using the right ip address or domain. Please, can someone give me a hint as to where to get this information. The only IP addresses I can find in the cap file return nothing when I try to lookup the domain. What am I missing?

EDIT: Rooted. Excellent box. My favorite so far!

I dont know where to start. Webpage doesnt load completely. Stuck at crete, i found 403 response code files/directories… Any hint by pm? Also i noticed a vuln in x…g but msf is not working… No session created.

@ryuk said:
Hi there… I managed to get the root flag without spawning a root shell. is there a way to get shell as root? pm… tnxs

Just rooted. And yes, you can get a root-shell.

To get root is absolutely genies. It was funny to play with the whales :slight_smile: Best machine ever! @OscarAkaElvis

Managed to get this pwned just before the retirement. One of the most fun boxes I have had the pleasure of pwning.

Got root before it retired. Very nice box with some new stuff for me.

@konobi said:
To get root is absolutely genies. It was funny to play with the whales :slight_smile: Best machine ever! @OscarAkaElvis

I asbolutely agree, playing with whales is fun. I didn’t ever think about how they could just be “played”.

Someone did use metasploit? Is it working? I cannot get it to work and i think my parameters are right. No session created… Im attacking x…g.

Metasploit will not help you here!

Good lawd, this was tough. Never had dealings with two critical points, the only lame part was when I had to start guessing for the next stage. I can see why this box is at least a medium difficulty, great job to the creator.

Oh, so x…g is.not the entry point? I don’t find an exploit in another format, only for metasploit… I don’t know if i am on the right track… Any hint by pm please.

@9999volts said:
Oh, so x…g is.not the entry point? I don’t find an exploit in another format, only for metasploit… I don’t know if i am on the right track… Any hint by pm please.

Search on google you’ll find out. And write your own if necessary.

I will try harder, ty.

; ) if you need help: https://ironhackers.es/en/writeups/writeup-olympus-hackthebox/

2 days on this box have tried every single script and tweaked and tweaked but getting nowhere tried IPPSECs methods and a few similar but absolutely nothing for crying out loud i even tried the Metasploit method as i was so frustrated something i never use but even that did not work

Id appreciate it if someone could try this box out for the xdebug exploit and let me know if it indeed is still relevant as something is sorely amiss here

Thanks

To say i could not get on this box and wasted 2 days trying left me with a bad taste in my mouth i had to resort to reading the hints which has led me to believe that users in certain parts of the world cannot even begin rooting this box

Has HTB no solution at all to those users who cannot enjoy this box as i can confirm i have tried every script including my own and even resorted to Metasploit but no joy

No i wont purchase a digital Ocean box for all the people who commented this to other students SHAME as it looks like ill have to give this a miss unless any helpful student can give me any welcome advice