This box is really unstable, and I was stuck in user. I’m enumerating with d******** ********l am I in the right track? Any hints, please? I could hardly do anything it keeps unable to connect.
Type your comment> @StanleyJobson said:
Type your comment> @fleitner said:
hmmm, whenever I try to tunnel to some web page to be of an allowed host, I get a PR_END_OF_FILE_ERROR in my browser.
Can anyone give me a hint on whether I’m on the right track to root, and if I do something stupidly wrong with my tunneling?I get this error too, even though I’m using the same method as before when I had it working. Sometimes it works, sometimes it doesn’t - I really can’t give you an explanation unfortunately. I think this may be a weird Windows SSH thing?
I still don’t know that the error message actually means, but try doing some different way of tunneling. I can now get to the page with a more local address - after telling my firefox to allow it.
The new issue is that somebody hammers and reverts this box like there is a reward out for it.
Spoiler Removed
Spoiler Removed
The password suppose to work.
Spoiler Removed
Spoiler Removed
Type your comment> @Mindsflee said:
Hints:
User: at first it looks almost like a ctf, enumerate the ports and focus on the “small” ones, you will easily find interesting information to use against another “small” port. The rest is straightforward, look for the first service you see and search on the internet.
Root: Slightly more complex, the machine runs another different service, search about it and “try harder”. If you receive a 404 at the access is because your network probably shouldn’t have access to that service, get help maybe by going through a tunnel. Forget the reload button and wait. Perform the procedure multiple times if you fail. Sooner or later it will work.
ok I’ve been trying to repeat the last step for hours. I think the instructions are not actually correct. Click query when you’re done
Guys please stop dos and resetting machine. It is useless.
Type your comment> @bigFish43 said:
I’m confused about the ++ thing. I think I know what port it is listening on. At this point, I’m not even trying to create a tunnel. All I’m trying to do is verify I can interact with it on the remote machine as the N***** user. Shouldn’t I be able to curl the in*** .h*** in the w** directory? When I try to that, I get a “Connection was reset” error message. Why does that happen?
Same here. Even with the port forwarding i didn’t see any login page.
Entering the correct password for nsclient, still says 403 not allowed…is anyone facing this issue?
By far the worst box HTB has ever hosted.
Complete waste of time, except for those who like working on their F5 pressing skills.
If you’re stuck at the root part, it’s probably not your fault.
Type your comment> @rootsh3llz said:
Entering the correct password for nsclient, still says 403 not allowed…is anyone facing this issue?
I’m exactly at the same point.
@Mindsflee said:
Hints:User: at first it looks almost like a ctf, enumerate the ports and focus on the “small” ones, you will easily find interesting information to use against another “small” port. The rest is straightforward, look for the first service you see and search on the internet.
Root: Slightly more complex, the machine runs another different service, search about it and “try harder”. If you receive a 404 at the access is because your network probably shouldn’t have access to that service, get help maybe by going through a tunnel. Forget the reload button and wait. Perform the procedure multiple times if you fail. Sooner or later it will work.
I’m getting 403 even with tunnel vision…
Type your comment
Type your comment
Type your comment
whoops, there is a bug with the forum
you can simply click post with an empty textfield
Type your comment
I agree, the box is really unstable, and it’s not necessary to reset/reboot the machine to get root.
User + Root: Recon and check vulnerabilities.
Thank for this machine @dmw0ng. !
I am also getting stuck with 403 error with a password i found in a file that seems should be correct. i Still havnt used any of the 7 other potential credentials either. Can someone give me a nudge… Thanks