I know its been said before, but the machine authors really do have a hard time determining in advance how a box is going to perform when hundreds of people are stepping on each other.
This one really makes the case that if you spend any amount of time on here, you should really invest in VIP access or go in with a group for a dedicated server. It just saves a lot of time and heartache on some of these.
I stuck because machine is restarting in every 5 min.
have imported my exploit for root via API but for the life of me canāt see how to create schedule for the last step. any pointer appreciated.
@WibblyWobbly said:
have imported my exploit for root via API but for the life of me canāt see how to create schedule for the last step. any pointer appreciated.
You can do it without creating a schedule, just with the API. I didnāt figure that out though and had to just do it through the web front end and used that to create a schedule.
What a roller coaster this one wasā¦
Here is my two cents on this:
Foothold:
See which ports are open, find the lowest hanging fruit, you can find some clues on what to look for and where to look for it.
Look for a vulnerability on one of the services mentioned on the info you gathered in previous step, it helps you get a bunch of GOODIES (you know where the goodies are, use the vulnerability to fetch them).
User:
Once you get the info you might think of brute forcing, DO NOT do it, simple trial and error will give you what you want without killing the machine for others.
Root:
Taking a look at information you found when trying to get a foothold, you can find the second vulnerable platform.
Here is where it gets all tricky, the exploits you find online should only give you an idea.
You can do what the guide tells you using API so RTFM (I skimmed through it and wasted a whole day banging my head against the wall), all you need is in the documentations (Do not focus solely on the scripts part, look at other sections as well)
DO NOT ATTEMPT TO RESTART THE SYSTEM, THE SERVICE WILL DIE, YOU DONT NEED TO RESTART IT.
Again, you know what you are looking for, you dont necessarily need to get a reverse shell, think outside of the box and maybe you will find a better easier way to do it.
PM for nudges.
So the only thing I need right now is for the scheduler to run the schedule, but the page just collapsed. So not sure how to proceed now, I guess there has to be some way to resume the service in that port?
allright I was finally able to finish this. Huge relief, and honestly happy to have gotten my first ever flags outside the Starting Point tutorial.
Finally rootedā¦!
hints for root is to use api to add script and execute the query
web ui sucks
Type your comment> @TazWake said:
@acidbat said
User was fun, stuck on root since the WEB UI is rubbish and I keep getting a 403 error with the right password.
A nudge or point towards the API method would be greatly appreciated.
Turning into a silverfox with this box
This is helpful: Welcome - NSClient++
Thank you
Hey ,
I tried executing my *****.bt file ā¦ but every time i receive a user reverse shell rather than a Root shell.
I am using web APIsā¦ please provide a Nudge
rooted.
Not gonna lie, I wasnāt expecting to get it right when I did. Lol
Got user and now I go to the root according to the first impressions easy machine 
Rootedā¦
nice and funny box but was a lot of reading through the manual, also installed the N**** Client on my machine to rebuild the path. couse the box is down every few minutes.
Again to all: there is no need to restart the box or the service!!
If anyone need a hint, feel free to write me.
Ok im having issues getting the foothold. I found the way in but am not that great with windows machines. Can someone pm me and help me out a little. It would be greatly appreciated.
Finally rooted,
All hints are on the forum.
I went the UI way (maybe a sucker for punishment) but got there in the end 
Patience is the key and NO, you do not need to restart anything (even if the Exploit tells you to)
If someone could explain to me the API way that would be great.
Thank you @dmw0ng for the machine, I had lots of fun (and frustrated lol),
Type your comment> @acidbat said:
Finally rooted,
All hints are on the forum.
I went the UI way (maybe a sucker for punishment) but got there in the end
Patience is the key and NO, you do not need to restart anything (even if the Exploit tells you to)If someone could explain to me the API way that would be great.
Thank you @dmw0ng for the machine, I had lots of fun (and frustrated lol),
API was def easier, I could not even fk wit that GUI. hit me up on DM if you want some details
Rooted, good machine, I learned well from it.
For the user: Just stay connected to some information passed in the file on a low door, then a brief list of the web service and Google, ready he has all the answers.
For Root, Enumerating the application that is running on another port, google, reading a document mixed with an exploit will give you all the way to the Administrator.
Any questions, you can call me ā¦
Hi,
I am facing an issue on privilege escalationā¦ Hope it wonāt be spoiler butā¦ i am not able to login with the passwordā¦ if you guys get it what i meanā¦ I tried changing htb lab server as well.
Do i need to look moreā¦ or is there an issueā¦
Type your comment> @arq said:
Hi,
I am facing an issue on privilege escalationā¦ Hope it wonāt be spoiler butā¦ i am not able to login with the passwordā¦ if you guys get it what i meanā¦ I tried changing htb lab server as well.
Do i need to look moreā¦ or is there an issueā¦
you mean the login to the api? had a similar problem, just pass the password directly in your command and not enter or paste it interactive.