Spoiler Removed
@dalemazza said:
Type your comment> @in3vitab13 said:How are people getting ideas of OSINT? i see it nowhere in the page source!
and also the author has collection of web-shells? but how do i use this info?
and also how do i use OSINT to proceed further?The author has a collection of webshells. These are .PHP. you are attacking port 80. Maybe you can check for webshells already installed?
also, whats this hype about OSINT in the discussions?!
Type your comment> @in3vitab13 said:
(Quote)
also, whats this hype about OSINT in the discussions?!
It stands for Open source intelligence. Itās a very broad term to use. It is using any legal means of collecting information on a target. Think of it as being passive reconnaissance
ohkay who is this fucker , who keeps messing with the box!
It says my flag is wrong while submittng it!!
why does it say my flag is incorrect even after resetting it?
@in3vitab13 said:
why does it say my flag is incorrect even after resetting it?
The dynamic flags should change on each reset. It probably takes a few minutes after a reset for the flags to be working but Iāve no idea how it works on the backend.
If you have problems with this, you need to raise it with HTB via Jira so they can understand the scope of the problem. Jira Service Management
Type your comment> @TazWake said:
@in3vitab13 said:
why does it say my flag is incorrect even after resetting it?
The dynamic flags should change on each reset. It probably takes a few minutes after a reset for the flags to be working but Iāve no idea how it works on the backend.
If you have problems with this, you need to raise it with HTB via Jira so they can understand the scope of the problem. Jira Service Management
yeah, it worked once i tried it after a while!
Hint:
For rooting, I checked running processes and I need to ssh the box (without password) to get reverseshell
Type your comment> @dalemazza said:
Type your comment> @in3vitab13 said:
How are people getting ideas of OSINT? i see it nowhere in the page source!
and also the author has collection of web-shells? but how do i use this info?
and also how do i use OSINT to proceed further?The author has a collection of webshells. These are .PHP. you are attacking port 80. Maybe you can check for webshells already installed?
They are gone now as of the submission of this comment. Finally once i got an idea of how to approach after the OSINT, itās gone.
Not sure whatās going on but thatās not cute, man lol. People need to stop ruining the fun.
@3rpleThr3at said:
They are gone now as of the submission of this comment. Finally once i got an idea of how to approach after the OSINT, itās gone.
No - just checked, its there.
Type your comment> @TazWake said:
@3rpleThr3at said:
They are gone now as of the submission of this comment. Finally once i got an idea of how to approach after the OSINT, itās gone.
No - just checked, its there.
So apparently what i saw before was other peoples garbage and when I enummed again, I changed my query and boomā¦ some dirs
Someone deleted the index? I can see s*****k.php just by browsing to the IP
now the lua script isnāt there anymoreā¦ I would restore it if I just remembered the line correctly
I found the user.txt file but on submitting itās showing incorrect flag
@cosmicWind said:
I found the user.txt file but on submitting itās showing incorrect flag
It could be one of many things.
It could be that the box has recently rebooted and the flag you found isnāt yet in the system. It could be that the box rebooted between you finding the flag and pasting it in.
It could just be a fault in the API for the flags and should be reported via Jira (Jira Service Management)
Finally rooted! very interesting things happened while I was trying it. Learned a lot, thanks to the creator!
Hello! Iām stuck on traceback machine, i got the user but i dont know what i have to do to root it. Somebody could help me?
Type your comment> @3rpleThr3at said:
Type your comment> @dalemazza said:
(Quote)
They are gone now as of the submission of this comment. Finally once i got an idea of how to approach after the OSINT, itās gone.Not sure whatās going on but thatās not cute, man lol. People need to stop ruining the fun.
A bit dramatic ? glad you got it to work eventually!
Can anyone give me a clue on these processes?
Edit: So I got the root flag but Iām not sure if this was the correct way to do thisā¦no root shell, just read the flagā¦
Are the 403ās normal in the busted directories? Trying to use belch to bypass if there is a w*f.