Posts: 50
Threads: 8
Joined: Jan 2024
(Feb 11, 2024, 11:59 AM)sahasi Wrote: (Feb 11, 2024, 10:01 AM)sahasi Wrote: (Feb 11, 2024, 09:48 AM)peRd1 Wrote: (Feb 11, 2024, 09:45 AM)NoobGajen Wrote: anyone have any ideas, how can i pwned admin user ?
Quote:hey man,
i tried every possible thing from this forum even this
but its not working for me
To both of you, check inside plugins folder, decompile, find those credentials. And look for a way to use them. (khm-khm... .. maybe? portfwd?)
That's all for root. Nothing more to say.
i'm sorry but i was talking about foothold
thanks for the 'cmd.exe' after trying for like a dozens of times i finally got the foothold
It'was totally pained!! LOL
Posts: 68
Threads: 5
Joined: Aug 2023
this box fucking sucked gotta dox the author
Posts: 1
Threads: 0
Joined: Feb 2024
(Feb 11, 2024, 02:32 PM)iNone Wrote: I had the password, but how i can access?
Try use WinRM mb )
Posts: 43
Threads: 1
Joined: Sep 2023
can anyone explain ?? i'm still confused regarding this machine i'm always stuck in windows machine can anyone help??
Posts: 1
Threads: 0
Joined: Dec 2023
(Feb 11, 2024, 02:41 PM)iNone Wrote: (Feb 11, 2024, 02:39 PM)BlackBeam Wrote: (Feb 11, 2024, 02:32 PM)iNone Wrote: I had the password, but how i can access?
Try use WinRM mb )
Yes im trying evil-winrm -i 10.10.11.249 -u Administrator -p 's67..' and different ports but nothing..
you can also try RunasCs instead
Posts: 37
Threads: 1
Joined: Dec 2023
I liked this box.
Though I can see what's making people upset.
The Kozmer poc exploit may not be not the best one to use here.
Try Log4Shell_JNDIExploit on GitHub instead.
I could establish multiple reverse shells that way without impacting the Minecraft server process at all.
Posts: 13
Threads: 0
Joined: Oct 2023
Feb 11, 2024, 04:01 PM
(This post was last modified: Feb 11, 2024, 04:04 PM by SCN27857.)
(Feb 11, 2024, 03:03 PM)Axura Wrote: Hours ago I captured the flag of `61***********************1e`, but the dump server did not recognize its juice and took it as a wrong flag. Then never got in the stupid server again for guys taking a long queue after it.
Then took some fresh air, had a lazy coffee, enjoyed some nice brunch with friends, open laptop.
Wow guys keep resetting machine. I sneakily stole the only one place for the after-reset server, hit the magic sentence, got the rev shell again. New flag `23********************` seems starts to work.
Head straight forward to root, boooom. Guys reset machine again. And you will never vote out of the other players who are waiting to get the shit. And the revshell connection down.
There's no place to enjoy a machine like this way. And only the winners will have the right to rate after suffering, with the stupid flag.
It just doesn't make sense, why you guys keep using free VPN instead of Release Arena VPN(Connect to HTB - Seasonal - Release Arena) which gives you personal instance where it's only you and the machine. And it's accesible free of charge for every new released box up until somewhat mid week.
Posts: 5
Threads: 0
Joined: Jan 2024
Is anyone able to access the server?
Posts: 8
Threads: 0
Joined: Feb 2024
(Feb 11, 2024, 04:29 PM)OliveiraaX Wrote: Is anyone able to access the server?
Still good on my end.
Posts: 5
Threads: 0
Joined: Jan 2024
I managed to get access, but they reset the machine and I got disconnected. Now I can't connect anymore!
|
