Rooted, good machine, I learned well from it.
For the user: Just stay connected to some information passed in the file on a low door, then a brief list of the web service and Google, ready he has all the answers.
For Root, Enumerating the application that is running on another port, google, reading a document mixed with an exploit will give you all the way to the Administrator.
Any questions, you can call me …
Hi,
I am facing an issue on privilege escalation… Hope it won’t be spoiler but… i am not able to login with the password… if you guys get it what i mean… I tried changing htb lab server as well.
Do i need to look more… or is there an issue…
Type your comment> @arq said:
Hi,
I am facing an issue on privilege escalation… Hope it won’t be spoiler but… i am not able to login with the password… if you guys get it what i mean… I tried changing htb lab server as well.
Do i need to look more… or is there an issue…
you mean the login to the api? had a similar problem, just pass the password directly in your command and not enter or paste it interactive.
Type your comment> @secure77 said:
Type your comment> @arq said:
Hi,
I am facing an issue on privilege escalation… Hope it won’t be spoiler but… i am not able to login with the password… if you guys get it what i mean… I tried changing htb lab server as well.
Do i need to look more… or is there an issue…you mean the login to the api? had a similar problem, just pass the password directly in your command and not enter or paste it interactive.
Hi, I have sent you a DM… I might require to disclose some more info… that could be considered as a spoiler… Please respond.
Got root without rebooting.
Finally rooted! It was my very first machine and… yikes!
User was pretty fun actually but root was totally not.
Very very VERY unstable root part and could not manage to get a re***e sh**l with **.exe because it didn’t let me execute code from remote.
anyway could get **.exe to send binary data so i got the flag this way but it was very frustrating at times.
Both web and ai were useful to get the root part. Didn’t have to reboot though.
Without the stability issues I would’ve enjoyed this machine a lot. Maybe it would’ve been possible to disable the reload/restart button so the box doesn’t break all the time. I think the biggest problem is that people don’t expect a “Reload” button to kill the entire service.
I have to say that the software used for root is a heaping pile of garbage. The fact that using the API is easier than the web UI really speaks volumes 
Hi guys, I need some help on priv esc. I know that I need tunnel vision tried with all options that s** offer but no result as far (it may be that I use it incorrectly). Just in case I tried with GUI as I have no idea hot to use API. Thanks
Im stucked I guess… I am not able to make this shitty ++ client to execute my batch file for the privesc.
I managed to add the batch file via API but I does not execute… still on it, going to try the interactive box from ++ next…we will see.
What a nightmare of machine, freezing every 30sec!!! is that on purpuse?
UPDATE
The interactive shell from ++ gives me the shell but as N******e and not as a root…any pointer on that?
UPDATE 2
rooted
hit me for help
@Szkiel said:
Hi guys, I need some help on priv esc. I know that I need tunnel vision tried with all options that s** offer but no result as far (it may be that I use it incorrectly). Just in case I tried with GUI as I have no idea hot to use API. Thanks
It is worth looking into the API to see how you can abuse that. It is much easier than the web interface in the long run.
I have the user flag, but I am having trouble with the privesc. I’ve heard something of using the API, how would I go about this? I have never done it before so a nudge in the right direction would be appreciated!
My messages are open, thank you.
I am a noob and need a hint, got the c**********.txt and the other one but got no credentials, tried to upload a reverse shell to ftp but access denied. Any one got hint to point me to the right direction?
@niko11 said:
I have the user flag, but I am having trouble with the privesc. I’ve heard something of using the API, how would I go about this? I have never done it before so a nudge in the right direction would be appreciated!
My messages are open, thank you.
If you google the service name and API you get some very useful documentation. It will get you 80% of the way.
You can figure the rest out by reading how the exploit works and seeing what you need to do in order to generate the same effects on the API.
@jixprotiger said:
I am a noob and need a hint, got the c**********.txt and the other one but got no credentials, tried to upload a reverse shell to ftp but access denied. Any one got hint to point me to the right direction?
Look at a different port.
Can someone maybe give me a nudge in the root part.
I know what and how to exploit it but it gives me the forbidden thingy.
I tried it to do it via the thing we connect to the machine but it still doesn’t work…
nevermind figured it out.
I’m having some troubles with the root part. I found a password for a service that I think I need to exploit (well, at least many hints point toward 
). But the password neither works through the web interfaces (if it loads…) nor through the API. I’d be grateful for any nudges!
/edit: nevermind, noticed my mistake!
Hi, can someone give me a pm on privilege escalation on servmon. I have the way to do it but just don’t understand how to use it
rooted ! thanks to D4rkm0de to his nudge… webapp was a pain
also this box was a pain in the **s lol
I accidentally deleted all my HTB boxes’s notes and files. Today is my black day. Really fu**ed up.
finally rooted 
I was experiencing serious connectivity issues but who cares when you get your flag!!
there is no point to give more hints, you can find enough in this thread, but happy to help in case you are stuck