Zephyr Pro Lab Discussion

Since there is not official discussion, I decided to start a thread for all those who need it!


Having some issues with getting the first flag, can someone PM me a direction to look at? Thanks.


Anyone willing to give me a nudge on the initial foothold? I’ve been hammering at this one for about 5 days… I’ve tried a lot of uploads, im at a point where i can upload whatever i want, but cant find a trigger. I’ve fuzzed every post field. Ive scraped users and cewled the site, but no logon creds. Any nudge would be very appreciated! Thanks!


can someone chat with me about the initial foothold please?

Thanks but i just get “Messages Failed to load” when i attempt to access that. Does it require some kind of registrtation?

Yep, you need to create a Discord account and then join the HackTheBox Discord server.

1 Like

Thanks, But that is not the issue. I have an account and I have joined the HTB server a long time ago

Ah, ok, then it’s strange, it should not require anything else.

Hi sorry I can’t be of help but could you provide some advice for the initial foothold?

Hi would anyone be willing to provide a hint for the initial foothold. Be much appreciated.

Having some issues with getting the first flag, can someone PM me a direction to look at? Thanks.

try to steal something in ad using the file upload functionality

1 Like

If anyone could PM me a hint regarding the initial foothold that would be great :slight_smile: Have been stuck here for a while!

I too am having difficulty with the initial foothold. LFI? SQL Injection … throw me a bone …

hi, were you able to get anywhere?

Hi. I am completing Zephyr’s lab and I am stuck at work. I have an access in domain zsm.local and I was able to get admin’s access for ZPH-SRVMGMT1 machine. I guess that before august lab update I could more forward, but now there is not GenericAll permissions to ZPH-SVRCA01 machine. Any tips are very useful. Thank in advance!

I am stuck
can anyone give a hint about ZPH-SVRADFS1


Any hint on the initial foothold ?

This is exactly my condition right now. Are there any tips moving forward? I tried to enumerate CA Managers, the description said user in the group can manage CA Server but I don’t see anything like it. Any hint is appreciated. Thank you.

Hi to everyone. I’m new here and i started the prolab today. I have found the first flag but now i’m stuck with the second. Could someone gives me a hint?