#modules

ocean night
#

wtf is that from @open mango

#

Thanks Medicated, appreciate it

open mango
ocean night
#

What CTF?

open mango
#

pentathon

ocean night
#

If it's active, then don't ask here. We don't help people cheat with CTFs

bronze lodge
#

Sent!

ocean night
rustic sage
#

Also wouldn't be fair to others who are putting in the effort.

frail tinsel
#

This is my first time posting, do I just wait for someone to hit me up?

fathom pendant
#

yep; patience. in the meantime keep cracking at it

#

no sense in staring at the screen waiting on a reply

frail tinsel
#

sounds good

fathom pendant
# frail tinsel sounds good

you can utilize the search feature; this question has been asked and answered a lot
short answer: you need to work in reverse of how you decoded the cookie

#

actually the question hint basically spells it out for you

#

literally gives you the step by step

full wagon
#

Ok, so turns out it was an error on the lab side. did the exact same attack today and got the hash.

frail tinsel
fathom pendant
#

you replace the whole cookie, not just a part of it

#

the prefix handles the important bit

frail tinsel
fathom pendant
#

cookie=<section symbol>randomtext<section symbol> then you do the payload processing

#

remember you're encoding the reverse order you decode
decode order
a -> b -> c
encode order
c -> b -> a

bronze lodge
#

Looks like Error Code 522 is back to haunt me again.

frail tinsel
ocean night
bronze lodge
slim plaza
#

Hello everyone, please help me. Please help me find the answer to this question in the HTB lab Broken Authentication Brute-Forcing Password Reset Tokens On what do password recovery functionalities provided by web applications typically rely to allow users to recover their accounts?

uneven dock
#

Hello everyone
I'm sorry if this isn't the right channel for my problem
Guys, has anyone run into this problem recently? I can't load the academy, and my account is not even showing my gold subscription status. It throws me the following message
It looks like it's an issue on HTB side, but I didn't find anyone having this same issue. Any advice? Thanks!

fathom pendant
uneven dock
fathom pendant
ocean night
#

We are still investigating the issue, we've eliminated a lot of potential causes, and are going up the chain to our providers now

#

"everything is green" apparently does not mean "everything is green"

#

Spent a lot of time trying to correlate the errors being reported in CloudFlare and from users to the backend services, with no luck.. so yeah, next step is size 14's up the providers arses

#

Apologies for the inconvenience @uneven dock - we're on it

rustic sage
#

Hello, I have a doubt with Ligolo-ng's double pivoting. I have access to the Network B Windows 10 machine and have agent.exe on it. However, to perform double pivoting, I can't get the agent.exe to connect back to my attacker machine and even pinging my attacker machine from Network B fails - provided, single pivot works flawless. I have tried port 80 on Ligolo too, but that didn't help.

TLDR: I can interact with Network B machine, Network B machine can't interact with me.

rustic sage
#

Even pinging 8.8.8.8 fails through Network B. So, is a double pivot through Ligolo a no-go approach for this?

fathom pendant
#

but you need to port forward for a double pivot

#

set up a forward that forwards from victim A -> you; then from victim B call to victim A on that special forward that sends back to you

rustic sage
fathom pendant
#

directly from that same guide

#

yeah this setup is kinda odd tbh

#

though @rustic sage newer versions of ligolo do a lot of that stuff without the need to do route adding outside

rustic sage
# fathom pendant

Yeah, but they are adding that listener in session 2 console. Session 2 is this double pivot session

fathom pendant
#

yeah that setup is odd

#

but you have to imagine chaining things together

rustic sage
#

Yeah, I got that idea and it makes complete sense

fathom pendant
#

not to mention their diagram doesn't make sense

#

at least under some sections (mislabeled) but this is beyond modules and we're going off-topic

rustic sage
#

Right, thanks for the help, Marc. Very useful.
I'll just read another article for double pivot and modify my notes. At least their single pivot is fine

fathom pendant
#

yeah according to everything i know and understand, their lab setup is flawed in some way

rustic sage
#

100%

last haven
#

Hi everyone, I have a networking-related question. I have noticed this in the Pivoting module as well, but I'll use an example from the first lab assessment of the AD enumeration module.
running ipconfig inside the WEB01 box, returns:
IPv4 Address. . . . . . . . . . . : 172.16.6.100
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . : 172.16.6.1
The solution states:

Students need to use WEB01 as a pivot host into the 172.16.6.0/24
Why is this described as the 172.16.6.0/24 network and not the 172.16.0.0/16 network as the Subnet Mask would suggest?

waxen totem
#

Can't actually make a definitive statement btw just providing my own insights and assumptions

proud crescent
#

Hi in
Introduction to Windows Evasion Techniques
Static Analysis

i put the exe in \alpha\static
in log files it says C:\Alpha\Static\htb.exe - OK - Undetected by Microsoft Defender Antivirus
but doesn't show the flag

tranquil axle
flint palm
#

Hello guys can you enter the academy? I cannot

#

Error code 522

worthy mantle
#

hi guys

flint palm
#

I am trying to enter academy but when I hit academy it waits waits and after that gives 522 error does anyone experience the same problem?

flint palm
#

I thought there is a problem from my side somehow...

frosty ferry
#

what do i enter as answer i am confused

#

i type the payload it gave me

ocean night
#

@bronze lodge @main ridge could you both try again please if you're available?

rustic sage
rustic sage
tawdry wren
#

Guys, can someone help me with this? I've tried a lot of things and can't find the flag.

rustic sage
rich valve
#

It got the job as IT admin in my city top international school🕺

frosty ferry
rustic sage
#

Oo I don't have token 😅

frosty ferry
#

it's a free module

#

wait

rustic sage
#

@tawdry wren this need some token 😅

ocean night
#

What are you on about @rustic sage ?

rustic sage
#

@frosty ferry it needs 10 token 😅 apology i don't have.. but try what I say it will work 🙂

ocean night
#

Do not spoil

frosty ferry
#

Okay

ocean night
#

Even if it's free, flat out spoiling is crap.

rustic sage
#

@ocean night i want frand 🥲 good friend

ocean night
#

No, get out

frosty ferry
#

😭 😭 😭

compact patrolBOT
#

Shadow (1320243791252426822) has been banned until 2035-04-03 14:38:33 (UTC).

ocean night
#

Oh, I thought they said fraud

#

Shit

frosty ferry
#

They meant friend

#

Lol, i wonder why you got so angry

#

😝😝

#

This is funny af

ocean night
#

I uhh.. I can't see the ban..

compact patrolBOT
#

User #1320243791252426822 has been unbanned.

ocean night
#

There

frosty ferry
#

Do you want me to invite him back to server?

ocean night
#

Please.. I can't seem to be able to

#

What is going on these past days..

#

Why the hell can't I invite them back

frosty ferry
#

@rustic sage

#

Welcome back

frosty ferry
ocean night
#

I think I need to close Discord.

frosty ferry
#

You've been online from long hours

rustic sage
ocean night
#

So sorry @rustic sage 😢

#

I completely mis-read your message

rustic sage
rustic sage
#

@frosty ferry ok

#

@frosty ferry don't have access

frosty ferry
rustic sage
#

@frosty ferry ok.. let me see how that works 🐦

#

Why I can't message in "general " ? Just read

#

Do I have to do chmod +w general 😂

hollow tapir
#

Good morning yall. I got the correct answer but dont understand why for a question in the Wi-Fi Penetration Testing Basics Module. The question was 'How many interface modes are available? (Answer in digit format: e.g., 3)'. I tried the number of supported interface types shown by iw list, but that was incorrect. Could anyone give insight into why? Does type != mode?

rustic sage
#

Interface is number of wifi AP you have and mode is about those WiFi state like 1 monitor mode 2 . Manage mode , 3master mode
Interface ex. Wlan0, wlan1, etho, lo etc @hollow tapir

#

@hollow tapir and its night here 😂

hollow tapir
#

lol, good evening then. Thank you, but I am still confused.

#

The number supported interfaces are too many, and the interface types on each band doesnt add up to the amount of modes either

#

Could you provide a hint on how to get the correct information?

#

(if allowed)

#

I just figured it out

#

crazy work

ocean night
#

Awesome, glad to hear it 🙂

frosty ferry
frosty ferry
austere grail
#

is using google to solve a question inside a lesson considered cheating?

#

i mean ik i wont know everything from the start, but it feels too easy just googling it

hollow wharf
#

Hi
I have a question regarding the Optional Exercise in "Cracking Common Hashes" in the module "Cracking passwords with hashcat".
I revealed the answer but i don't understand how i can get to this answer myself.
Can someone explain me, how ||the NTLM hash of user pfalcon|| can help me leverage the NTLMv2 hash of adconnectsvc with the help of hashcat to authenticate as the user adconnectsvc to the domain?

frosty ferry
cyan blade
frosty ferry
#

it redirects me to the htb page

cyan blade
#

It's an anchor tag so it will redirect you based on what you put in the href attribute
The text between the tags can be changed to anything

frosty ferry
#

ik that

#

but i cant figure what to type for the answer

cyan blade
#

Have you tried to grab the blue text alone?

frosty ferry
#

yes

cyan blade
#

No spaces before it right?

#

And after?

frosty ferry
#

yes no spaces

cyan blade
#

This is weird ;-;

frosty ferry
#

so the answer is "Click me"?

cyan blade
#

I believe though, I can't remember it well but logically it should be

frosty ferry
#

i am stuck at such a simple question lmao

cyan blade
#

lmao it happens

#

Is that the XSS module?

cedar venture
#

Hi do anyone of you know hacking?

frosty ferry
frosty ferry
cedar venture
#

Oh okay 👍🏻

frosty ferry
#

@cyan blade if you have done this module could you just check for the answer and let me know

frosty ferry
#

sure

cyan blade
#

Okay 👍

hollow wharf
# hollow wharf Hi I have a question regarding the Optional Exercise in "Cracking Common Hashes"...

For everyone struggling with the same question:
After asking, i found an answer to the question for the Optional Exercise in "Cracking Common Hashes" in the module "Cracking passwords with hashcat".

||You can use the NTLM hash of a password to generate a NTLMv2 hash. And as you can use a NTLM hash for a "pass the hash" attack, if you can find a NTLM hash that corresponds to a NTLMv2 hash, you can use this hash to authenticate as the corresponding user (see https://stackoverflow.com/questions/32272615/is-it-possible-to-convert-netmtlmv2-hash-to-ntlm-hash for how to check, if NTLM hash corresponds to NTLMv2 hash).||

dry falcon
#

when i do curl request .

```
curl -i -X OPTIONS http://94.237.61.28:56767
HTTP/1.1 200 OK
Date: Sat, 05 Apr 2025 17:29:56 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Length: 1108
Content-Type: text/html; charset=UTF-8
```

why there is no Allow: header ? 😕
https://academy.hackthebox.com/module/134/section/1175
simple zephyr
#

One of the guys on my team made a pretty cool plugin. Essentially he wanted to revisit modules that he completed, but did not want some of the flags to give away the hints. So he created a way to obfuscate the flags in the browser.

https://github.com/sudoheader/htb-academy-answer-hider

The sparkling milk is not a part of the plugin lol. That was just him trolling one of our other co-workers that was trolling another co-worker about creating sparkling milk, like actual sparkling milk, but the video shows what the plugin does.

bitter needle
fathom pendant
#

do you mean googling "X module htb academy Y section" => if the module is above tier 0 --> yes

#

if you mean googling how to perform a task in general then no

dry falcon
fathom pendant
#

examples aren't necessarily the "use exactly this"

#

sometimes they are an 'hey sometimes you can do this'

dry falcon
fathom pendant
#

sure you can

dry falcon
fathom pendant
bitter needle
fathom pendant
#

that's part of what separates hackers from the rest.
You need to be able to take incomplete data, with what you know, and figure it out

fathom pendant
#

:)))))

#

learn2read

bitter needle
flint palm
#

Guys hello if there is anybody who has done Cracking Passwords with HashCat what is the format of correct answer in Identifying Hashes?

fathom pendant
#

just the type name

fathom pendant
#

i.e.
MD5; SHA1; etc

bitter needle
#

wait am i gonna die?

flint palm
#

hashid identified it as drupal but it tells me that incorrect answer...

fathom pendant
#

the whole line is the hashtype

flint palm
#

Lol three times after inserting the same was telling me incorrect on the fourth it is correct....

plain charm
#

Hello. I am on Pivoting, tunneling and Port Forwarding module, in ICMP Tunneling section, I can't seem to solve this error while building the ptunnel-ng tool in the pivot host. my attack host ptunnel-ng is OK. but the pivot host is causing issues, it seems like its searching for a program "autoheader", the host has no internet, so i can't install the program. any suggestions

fathom pendant
#

You need to statically compile it from what I recall

plain charm
#

thanks, though the module should've mentioned it like it did with all other things(errors).
learned new things obviously with this.

marsh canyon
#

Hey guys, I'm currently working on the Android Fundamentals module, and it asks me to create a virtual Android phone. Does anyone know how to do this or where to do it?

cedar yew
#

hi all im stuck here

Module : AD Attack and Enum
Section: Skill Assessment Part1

I'm doing pivoting here, but my command doesn't work

#

my kali : 10.10.14.245
web0 my connect machine(windows):10.10.14.245
and i want to connect machine :172.16.6.50

#

i use netsh.exe but dont work

brazen valve
#

dude is anyone doing the evil twin attacks new module on wpa2 and wpa3? Im in the skills assessment and it seems like it is flipping impossible.

knotty zenith
cerulean hinge
#

Hi,

To be able to use evilwinrm into a machine we need to have PSRemoting right with our account + the WinRM port should be open ?
I'm seeing that I can evilwinrm into a machine however on bloodhound my account doesn't have the PSRemote edge to this machine. Does someone know why ?

fathom pendant
rustic sage
tranquil axle
marsh canyon
barren apex
#

I'm doing the Active Directory Enumeration & Attacks module. I can spawn the Linux attack box but the windows doesn't work
It says that the password is incorrect ERRCONNECT_LOGON_FAILURE.

Is something wrong with the VM?

waxen totem
barren apex
#

I mean I can't do the windows exercises because of this issue

#

htb-stdent:Academy_student_AD!

#

I tried using the linux password as well, cuz I didn't have anything else to try xD

waxen totem
#

make sure that the username and password are in single quotes because the ! character does something in bash

#

If you get a locked out error just restart the attack box

barren apex
#

🀦🏻

#

Never thought I need to use quotes for the username, I used it for the password tho πŸ˜…

#

Actually that also didn't solve the problem

#

I used rdesktop to make sure I'm typing the credentials in windows's login screen
Yet I'm getting (the username or password is incorrect)

waxen totem
#

maybe try using xfreerdp ?

barren apex
#

It just spawns a black screen for some reason

waxen totem
#

press enter

barren apex
#

I feel stupid man 😂

#

Thank you very much, it worked

#

Still no idea why rdesktop didn't work

tepid roost
#

Hey can someone help me I started a new account since I wasn't using this for a long time and I found an outdated tool that is no longer used I tried reporting it but I can't find a contact email anywhere

rough comet
#

If you want to use the old one you can email HTB.

foggy monolith
#

Curious what the "Error detecting the version of libcrypto" error in PKINITtools is about. Anyone?

ocean night
compact patrolBOT
foggy monolith
ripe smelt
#

Just started the nmap module, have a follow up question to some content. The module says:

If we disable port scan (-sn), Nmap automatically ping scan with ICMP Echo Requests (-PE). Once such a request is sent, we usually expect an ICMP reply if the pinging host is alive. The more interesting fact is that our previous scans did not do that because before Nmap could send an ICMP echo request, it would send an ARP ping resulting in an ARP reply. We can confirm this with the "--packet-trace" option. To ensure that ICMP echo requests are sent, we also define the option (-PE) for this.

My question is when/why would I choose to use ARP vs ICMP to determine if a host is "alive"?

waxen totem
ripe smelt
# waxen totem Windows firewall actually blocks ICMP by default

Gotcha, that makes sense 🙂 and presumably ICMP can give me a bit more than just "here have a mac address" which is my understanding of what arp would give me, so if it is there it's nice to have? Sorry new to networking beyond the basics required for programming.

waxen totem
#

ARP can get you ip addresses indirectly iirc

ripe smelt
#

Thanks 😎

merry tiger
#

I need some assistance and I'm not sure where to start

cloud urchin
#

Then reach out to the authorities, no one here can help you with that, we aren't the police.

dark hedge
#

if it's not relevant, then it doesn't belong here

rustic sage
#

Who can I verify myself here?

indigo tinsel
#

what's this server for please someone tell me

cloud urchin
cloud urchin
indigo tinsel
#

it tells about hacking?

compact patrolBOT
mighty matrix
#

hi guys

#

how do I connect my discord again 😅

silent kayak
#

I'm a noob and I'm looking for a partner to code with anybody hmu on my discord can start today n I'm serious if u can help me out that's all I'm looking for

rustic sage
#

@silent kayak i want someone who can play ctfs

cloud urchin
mighty matrix
#

telling me to contact mods

cloud urchin
#

dm me

mighty matrix
#

done

quiet halo
#

For the Shells and Payloads live engagement, is there a way to find the user/password for host1 without looking at the hint?

cloud urchin
#

@quiet halo please don't post content from modules above tier 0

quiet halo
#

oh

#

so where do I ask then

cloud urchin
#

here, no need to post content from the module though.

quiet halo
#

how do I ask the questions without putting the pictures though

#

it's for context

cloud urchin
#

You just explain it without revealing the content

quiet halo
#

there

cloud urchin
#

depends on how the server is setup

#

there are various methods to block direct ip access and require a hostname

prime crow
#

Hello guys in "Using Web Proxies" module in question "Use Burp Intruder to fuzz for '.html' files under the /admin directory, to find a file containing the flag" should i try more than 10 millions probability ?

cosmic sentinel
#

Hello,
in the Working with IDS/IPS module, i got the answer for the Suricata skills assessment by getting a hint here and analyzing the pcap with wireshark, i also read through the link that is provided in the section but i still dont understand why its the correct answer.

There is a file named pipekatposhc2.pcap in the /home/htb-student/pcaps directory, which contains network traffic related to WMI execution. Add yet another content keyword right after the msg part of the rule with sid 2024233 within the local.rules file so that an alert is triggered and enter the specified payload as your answer. Answer format: C____e

if someone could explain it, i would really appreciate it.

quiet halo
#

or idk maybe im confused

quiet halo
#

how though

dark hedge
#

virtual hosts

cloud urchin
#

There are various ways to configure a web server on how to respond when accessing it directly by IP. I can't really list them all because I don't know them all, and there are different ways for nginx, apache, and other web server software.

quiet halo
brazen valve
#

anyone completed the wifi evil twin attacks skill assessment?

broken saffron
#

Hello there team! I have an issue or think is an issue in module pentest in a nutshell (Windows Pillaging) I can't see the file mention the .csv just want to validate if its only me? I already did privesc with user John by the way 🥲👀

smoky elbow
#

Hi everyone,

I’ve been stuck for about 4 hours on the Introduction to NoSQL Injection: Skills Assessment II.

I’ve already identified the valid username, and|| I’ve also triggered the reset functionality.||

However, when I try to use|| a time-based injection to enumerate the reset token||, it doesn’t seem to work anymore — I get the|| same response time ||regardless of the input.

If anyone could give me a hint or point me in the right direction, I’d really appreciate it!

thorn bronze
#

i need help for cbbh or cpts dm me if u willing to help

cloud urchin
#

Just ask here

#

You mentioned you needed help with the modules

thorn bronze
#

Server-side Attacks and broken authentication probably need some help

cloud urchin
#

Yeah ask your specific questions here, just remember don't spoil content from modules above tier 0 (which those both are)

thorn bronze
#

dm me directly thx

cloud urchin
#

@formal prairie please don't post content from the modules that are above tier 0, like the pics, the username/pass etc.

weak fractal
#

Module Injection Attacks, section Exploitation of PDF Generation Vulnerabilities. How do you properly enumerate the internal web application? The payloads in the section mostly show errors for me

formal prairie
formal prairie
thorn bronze
#

Exploit a SSRF vulnerability to identify an internal web application. Access the internal application to obtain the flag?

#

dm me thx

cloud urchin
formal prairie
lilac temple
#

Hey guys, I recently start getting into “hacking” I was wondering, how does one get access to a websites code, Not just by inspecting it but actually being able to change stuff about it. sorry if it’s a dumb question. I’m not into taking credit card info or anything like that i just find it cool lol

compact patrolBOT
thorn bronze
#

anyone finish broken authentication and server side template injection

#

txt me thx

#

from cbbh

lilac temple
#

lmao, broken auth and ssti?
y'all makin progress or just staring at errors?

wary sky
#

Hi, I am taking the Information Gathering - Web Edition, Skills Assessment module. When I add the correct vhosts in etc/hosts, I still can't get to the site. Can you tell me what the problem might be?
btw I'm not sure if this is the right or wrong place to ask questions about the modules.

autumn pilot
#

When you update your hosts file make sure first to not add the port, second when you visit the host through a browser do not forget to add the port

wary sky
round raven
#

God damn its slow as hell, will HTB servers ever be in SEA ??? 😦

prime magnet
#

nmap -Pn -A 10.10.11.62
Starting Nmap 7.95 ( https://nmap.org ) at 2025-04-06 04:34 EDT
Nmap scan report for 10.10.11.62
Host is up.
All 1000 scanned ports on 10.10.11.62 are in ignored states.
Not shown: 1000 filtered tcp ports (no-response)
Too many fingerprints match this host to give specific OS details

TRACEROUTE (using proto 1/icmp)
HOP RTT ADDRESS
1 102.55 ms 10.10.14.1
2 ... 30

What should I do next ?

vivid mantle
#

can i dm you?

tribal plinth
knotty zenith
hidden furnace
#

Need help with payload and shell module "The Live Engagement". im not sure if i can post anything related to it here since its more than tier 0

indigo fulcrum
#

Happy Sunday Peeps! Just touching in to see if i could get some advisement on:

https://academy.hackthebox.com/module/232/section/2578

Its a bit of a tricky situation...I am yet again in a situation - where I can do some interesting stuff...I got some sensitive deets, but not for the NPORTs and wondered if it might be related to an environmental issue?

I was able to enum as another user where I got sensitive deets for...but not as per user in the final question. Any helpers?

slender kindle
#

Can anyone help me with this questions:
Try to exploit the upload form to read the flag found at the root directory "/".

opal nexus
#

Has anyone done the 'Android Fundamentals' module --> 'Android Debug Bridge' section --> ' After launching the application as instructed in question 1, use ADB to read the content of the file /data/data/com.hackthebox.myapp/files/flag.txt.' for a little help please?

vivid mantle
#

i hope i can help 😅

#

we both have the same "permission denied" problem on this question

quick crane
#

bro do you finished this?

#

do you finished?

#

me too, how do you solved this?

#

can I dm you?

dark jay
#

hello

#

i am doing pentest module and i am on footprinting smtp i run command it seems correct but it does not return answer can anyone help?

pastel fractal
#

idk if we can ask for help here but ive been stuck on Module 39, Section 407 for an hour now

dark jay
#

which is that

#

yea their wordlist was missing the correct user i searched the questions answer added to wordlist and it worked

#

strange

elder kraken
#

Hey,

Do you know who I can talk to about correcting a problem with my Academy account?

carmine wave
#

Hi 👋

compact patrolBOT
elder kraken
coarse trout
#

hey guys i have been having trouble on openvpn and i dont understand whats wrong

#

idk if this is the right channel

quick crane
compact patrolBOT
fathom pendant
quiet halo
#

huh

fathom pendant
#

desktop of the foothold

#

:)

quiet halo
#

wow

fathom pendant
#

yep

#

easy to overlook as you're just geared towards cracking open the targets

quiet halo
#

yeah

fathom pendant
#

@tulip jasper please don't spoil information from scans from a lab from the module, yes it's tier 0 but still try not to share the specific scans

fathom pendant
#

as a note @tulip jasper you got errors in your ffuf output; so there may be more going on that's causing issues

tulip jasper
fathom pendant
#

well the errors may indicate that there's some connection issue or something simplistic going wrong

#

my best guess is you're using http:// and not https://

fathom pendant
#

@left needle module is above tier 0 please don't spoil things :)

left needle
#

sorry sir but was how can I solve that question ?

fathom pendant
#

your answer looks correct

#

also; don't call me sir

tulip jasper
fathom pendant
#

try refreshing the page, making sure you don't have extra spaces/0-width characters

fathom pendant
#

there will be multiple 200 responses

#

the hint as to what it could be is in the question

tulip jasper
brazen valve
#

Do you remember how you got the first answer for PulseGrid-INT?

dry falcon
rustic sage
#

what? how? i have same problem

fathom pendant
#

haven't done the module just utilized reading comprehension

proper siren
#

Hi people
After several trials I couldn’t find the right answer for ( Penetration Testing Process; Page 9; Vulnerability Assessment):
“What type of analysis can be used to predict future probabilities?”.

I think it should be something like “Predictive Analysis”, I tried prescriptive analysis as well

But I couldn’t manage to find the exact answer. Could someone assist me, please? It would be a great help

proper siren
fathom pendant
proper siren
fathom pendant
#

ah ok nvm then kek

bleak siren
#

Anyone know if theres an arm VM?

fathom pendant
#

also the admin may not be a "username"

fathom pendant
bleak siren
fathom pendant
#

there's no "htb specific" vm

#

there's the "HTB edition" of the ParrotOS

#

looks like the live HTB edition isn't updated for ARM

fathom pendant
#

there is the architect edition

rustic sage
#

i use kali linux, both are great

rustic sage
#

btw theres even ippsec's version of it

#

you can use that too

#

somewhere in his vids he explains it

fathom pendant
#

:)

stark hare
#

Hi! I am currently doing the Active Directory Attacks series and have difficulties connecting to the windows machines through RDP. I Downloaded the VPN config file after spawning machine. It once worked briefly, but I cannot get a stable connection. What am I missing?

winged gate
#

hello guys i'm stuck on this question on the active directory module :Perform the ExtraSids attack to compromise the parent domain. Submit the contents of the flag.txt file located in the c:\ExtraSids folder on the ACADEMY-EA-DC01.INLANEFREIGHT.LOCAL domain controller in the parent domain."

can someone help me ... ?

#

i have this error with mimikatz ERROR kuhl_m_lsadump_dcsync ; GetNCChanges: 0x000020f7 (8439)

fathom pendant
winged gate
fathom pendant
#

i forgot how i navigated this, not at my notes atm but i don't recall many issues with this ¯\_(ツ)_/¯

brazen valve
#

wifi evil twin attack skill assessment, anyone else working on this?

low oriole
#

Dear all, I hope one can help me: I am stuck with the final question in the Module "Network Foundation" that says: "Bypass the request filtering found on the target machine's HTTP service, and submit the flag found in the response. The flag will be in the format: HTB{...}"

The flag says: "<!-- HTB{REDACTED} -->" but its still wrong...?

fathom pendant
#

it doesn't include the HTML comment

#

so exclude the <!-- -->

low oriole
#

mh..still not working 😢

#

even copy pasted your answer

#

maybe i try and restart - thank you MarcieLee

fathom pendant
#

well obviously i'm not giving the actual flag

#

but the flag is just the HTB{..}

#

as noted by the format

low oriole
#

will try again thank you MarcieLee

blazing loom
#

I'm doing the "Information Security Foundations" path and am starting the "Setting Up" module. However this module says "A firm grasp of the following modules can be considered prerequisites for successful completion of this Module: Linux Fundamentals, Windows Fundamentals" But those are ordered later in the path. What is the deal with that? Makes the order in which to complete these confusing.

fathom pendant
#

Setting up is the basics of getting a VM/VPS/etc up and running

#

you don't need to follow it step by step you can use it as a rough guide

#

there should be a wordlist included in the > resources < section

#

smtp-user-enum is also helpful

#

(not the nmap script, as that's garbage)

#

it can

humble trail
#

Hello, like many others I am also stuck on this question in the module Password Attacks PtH: Using Julio's hash, perform a Pass the Hash attack, launch a PowerShell console and import Invoke-TheHash to create a reverse shell to the machine you are connected via RDP (the target machine, DC01, can only connect to MS01). Use the tool nc.exe located in c:\tools to listen for the reverse shell. Once connected to the DC01, read the flag in C:\julio\flag.txt.
I am connected to the windows machine but when I try launching the attack the reverse shell connection is never initiated. Any help would be great.

vivid mantle
#
#

dance !

desert void
#

Hey guys, do you know anything about computers?

winged gate
#

is it possible for someone to explain me that question on the active directory module it's been 4 hours that i'm stuck ..
Perform the ExtraSids attack to compromise the parent domain. Submit the contents of the flag.txt file located in the c:\ExtraSids folder on the ACADEMY-EA-DC01.INLANEFREIGHT.LOCAL domain controller in the parent domain.

dense apex
brazen valve
# runic rampart ||SSL||

preciate it, yeah finally got that one. Didn't realize I needed to get two clients to connect instead of just one. I got the third question as well. Can you offer any insight to the second question. I think I'm supposed to combine the wifiphisher section with another to crack into PulseGrid. Can you nudge me in the right direction?

runic rampart
brazen valve
runic rampart
brazen valve
#

Gotcha, well question 3 is covered directly in the eapham section if you haven't gotten that one, and I'm pretty sure question 2 is a combination of evil twin attack on wpa3 + the wifiphisher section

fathom pendant
#

you're trying to download the file to a location you don't have write access to

#

also you can't chmod within ftp

#

not to mention module is above tier 0; and skill assessment so avoid spoiling things like username and general info about the environment

onyx lion
#

ok but im pretty sure the location isnt a problem so now you deleted the message i will remake it
ftp> ls
229 Entering Extended Passive Mode (|||35821|)
150 Here comes the directory listing.
-rw-rw-r-- 1 1000 1000 554 Feb 09 2022 authorized_keys
-rw------- 1 1000 1000 2546 Feb 09 2022 xfile
-rw-r--r-- 1 1000 1000 570 Feb 09 2022 x.pub
226 Directory send OK.
ftp> chmod 644 xfile
500 Unknown SITE command.
ftp> get xfile
local: xfile remote: xfile
ftp: Can't access `xfile': Permission denied
ftp>
Guys im struggling in the password-attack-easy-lab i cant download a file

fathom pendant
#

i'm pretty sure it is; cd to a directory like /tmp then connect to the instance

onyx lion
#

Now that's interesting
the directory i created maybe days was root
drwxr-xr-x 2 root root 4.0K Apr 3 12:40 Confuzing
Thank You Marcie

fathom pendant
#

this is why you don't run around as root

median gale
#

New module captive portals-bypass Client Hijacking through Interception. Anyone has problem connecting to the enterprise network with the already correct found password? What am i missing?

marsh canyon
worn matrix
#

i have seen many wifi modules. Will there be any cert about this?

safe star
magic mango
#

Evening all. I'm still stuck on the SMB-Footprinting: Connect to the discovered share and find the flag.txt file. Submit the contents as the answer.

I found A flag but it's the wrong one? i did run a -Sv -sC to find this...i'm just stuck and could use some guidance

fathom pendant
fathom pendant
#

This module uses the same lab for several sections

magic mango
fathom pendant
#

Also "anon" in smb is guest logon

#

Easily testable with -U "" -N

magic mango
#

am i doing too much by using -p-? clearly i'm not accessing the correct service

fathom pendant
#

The answer isn't on some obscure port or anything

magic mango
#

yes, of course and i have to access that to find the flag. i was just wondering if i'm doing too much by using -p-

fathom pendant
#

You don't need to -p-

fair plinth
#

The windows machines on the modules have a huge latency for me, my VM is running 4 cpus and 8 Gigs of ram but man it's painful. Is the latency on Windows machines normal or can i improve it somehow

coarse marlin
#

If I think there is some mistake in the solution, can I ask about it?

Module: Parameter Logic Bugs
Section: PoC and Patching - Unexpected Input

quiet heart
#

Hi, after my annual subscription ends, will the step-by-step solution be disabled?

cloud urchin
#

My guess would be yes, but reach out to support on the site for an answer they will know for sure. I believe you need the active subscription to show the solutions.

coarse marlin
fathom pendant
#

if you think the solution is bugged/incorrect: #1234357888114364508 with the #walkthrough tag (obviously keep things spoilered/redacted) but more leniency is put there so that staff know what you're having issues with

quiet halo
#

does anyone know how to make the exploit work on Host3 of Shells and Payloads live engagement? I check LHOST, LPORT, RHOSTS, RPORT and everything seems correct, yet I get "Exploit completed, but no session was created".

fathom pendant
quiet halo
#

mmm yeah

#

my LHOST is the IP of the machine I spawned

waxen totem
quiet halo
#

wym?

#

host3 ip is 172.16.1.13

#

and this is my IP, so my LHOST

cloud urchin
waxen totem
quiet halo
#

oh

waxen totem
#

However the foothold host CAN connect to them so it does have an IP in the SAME subnet, e.g. 172.16.x.x

#

that's the LHOST you want

quiet halo
#

I change my LHOST to 172.16.1.5, same error

waxen totem
#

show ip a output on foothold host

#

deleted it cos it showed which exploit you were using kek

quiet halo
#

oh my bad

waxen totem
#

show options WITHOUT payload&exploit kek

quiet halo
waxen totem
#

Looks good to me, can you try the check command?

quiet halo
#

idk what was wrong with the last exploit I used

waxen totem
#

The one you're currently using is more reliable but also less stealthy as it involves adding files onto the admin share

quiet halo
#

yeah well it sucks

#

my mess up was not looking at the IPs

#

and not think about subnets

waxen totem
heavy hearth
#

Anyone available to assist with payload construction on nosql skills part 2?

After discovering a username, I’ve discovered the endpoint to inject into but can’t ascertain a true/false from response text

cloud urchin
#

@fringe gust This isn't the place for political discussions.

fringe gust
#

I need help

cloud urchin
#

with what

weak current
thorny vigil
#

I finally finished "Introduction to Malware Analysis - Debugging" it only took me 9 hours.kekhands

thorny spoke
#

How this work

#

Fr fr

#

Good name

compact patrolBOT
thorny spoke
#

How I do this

cloud urchin
#

How do you do what? I just linked how to get started with HTB.

trail grove
#

Hey guys im having trouble with this module: SQLMAP ESSENTIALS - Attack Tuning

What's the contents of table flag5? (Case #5)

#

I can find the flag but it doesnt actually work. I heard of people having similar issues

#

tried refreshing the instance but no luck

glass locust
glass locust
trail grove
#

is there something wrong with my input what is the -D testdb doing

#

yes

glass locust
#

Not sure then, double-check that there is no [space] in the beginning and in the end of your input in SA section

ocean night
#

Don't spoil commands for modules above tier 0

trail grove
#

yeah I double checked that 😦

glass locust
ocean night
#

Thank you.

#

@trail grove if you're certain you have the correct answer, and it is still not being accepted, I'd advise reaching out to support.

trail grove
#

alright will do, thanks @ocean night

#

and thanks rk

ocean night
#

Starting to think we need to add a notification stating that whenever someone submits an incorrect flag, not sharing spoiling content I mean

ripe pulsar
# vivid mantle https://academy.hackthebox.com/achievement/1428443/195

Hi! I saw you completed the Android Fundamentals module, and I wanted to ask you something about the assessment.
In the instructions, it says: Install myapp.apk by dragging and dropping it into the emulator. Then, open the embedded terminal in Android Studio and run adb root && adb shell ls -l /installed/apps/. Replace /installed/apps/ with the correct path to find the app’s home directory.

Could you help me understand what the actual question is in this module? I think the question is ambiguous. This is the last question I need to complete the module.

ocean night
#

Thanks for the feedback @split cliff - agreed this module could be much clearer, and I'll feed this back to the team. This is certainly, at least from my experience of modules when providing support an exception. Apologies for the inconvenience and confusion.

#

As for the actual question, it seems you are expected to provide the path for the data directory of the installed APK.

ocean night
#

Also @ripe pulsar, see above

#

Already answered @vivid mantle ;P

#

But thanks for offering all the same

vivid mantle
#

🙏

split cliff
ocean night
#

Know that feeling of a bad day marring the rest of it

eager ledge
#

Question: Why does DLL Injection section of Windows Privilege Escalation module not have an exercise section? Looking at the whole lot of content, I feel like, I could grasp the concepts better, if I was doing hands on.

fathom pendant
#

because DLL injection is definitely a bit more advanced than the other topics

#

as it would require either crafting an msfvenom payload or writing the malicious DLL yourself

eager ledge
#

Does this mean that I can expect CPTS exam would not require me to do "advanced" DLL injection?

ocean night
#

Generally speaking, if the subject is not covered in the course material, it is unlikely to be included in the exam, but past that statement we can't provide details regarding the exam environment @eager ledge

thin citrus
#

Is there someone who I can send a DM for 'Skills Assessments Advanced XSS and CSRF Exploitation' and share my word doc for steps I tried to do xss on file upload function and help to promote the user?

cloud sinew
#

Has anyone been having issues with xfreerdp at all? Every time I get on hackthebox and this has been happening for about a month now, it will work for a section or two, then when I go to start the target IP again, wait the recommended 5 minutes, I either can't connect or I just get a black box. I've switched VPN servers, I've already checked everything on my end, I don't really have these issues to this extent with other platforms. I'm on the Active directory enumeration module now, but this issue has been prevalent since I started the Attacking Common Services module.

fathom pendant
#

uses the tcp vpn download

cloud sinew
fathom pendant
#

blackbox -> hit enter

cloud sinew
#

Yeah that didn't do anything

fathom pendant
#

are you only running one vpn instance?

#

sudo killall openvpn -> then reconnect

cloud sinew
#

I tried that before but I'll try that again. I checked my interfaces before and tun0 was the only vpn running

fathom pendant
#

i also suggest reaching out to support

compact patrolBOT
ocean night
#

I think previously some mentioned changing the MTU value on the VPN connection

cloud sinew
#

I'll look into this and thank you for your help

ocean night
#

Switch to the TCP VPN Also

#

Good luck!

ocean night
iron plaza
jagged vault
#

Please I need help with this, I have answered all the most likely answers but it still says wrong answer

What does the acronym Linux PAM stand for? 🙏

thin citrus
#

@jagged vault Pluggable Authentication Modules

#

Anyone for SA advanced XSS and CSRF available?

peak bear
#

anybody know what i'm doing wrong here? i can't interpret the error message mimikatz is giving me meaningfully

PS C:\Tools\mimikatz\x64> klist

Current LogonId is 0:0x59a94

Cached Tickets: (1)

#0>     Client: hacker @ inlanefreight.local
        Server: krbtgt/inlanefreight.local @ inlanefreight.local
        KerbTicket Encryption Type: RSADSI RC4-HMAC(NT)
        Ticket Flags 0x40e00000 -> forwardable renewable initial pre_authent
        Start Time: 4/7/2025 3:30:24 (local)
        End Time:   4/5/2035 3:30:24 (local)
        Renew Time: 4/5/2035 3:30:24 (local)
        Session Key Type: RSADSI RC4-HMAC(NT)
        Cache Flags: 0x1 -> PRIMARY
        Kdc Called:
PS C:\Tools\mimikatz\x64> .\mimikatz.exe "lsadump::dcsync /user:inlanefreight\lab_adm /domain:inlanefreight.local" exit

  .#####.   mimikatz 2.2.0 (x64) #19041 Aug 10 2021 02:01:23
 .## ^ ##.  "A La Vie, A L'Amour" - (oe.eo)
 ## / \ ##  /*** Benjamin DELPY `gentilkiwi` ( benjamin@gentilkiwi.com )
 ## \ / ##       > https://blog.gentilkiwi.com/mimikatz
 '## v ##'       Vincent LE TOUX             ( vincent.letoux@gmail.com )
  '#####'        > https://pingcastle.com / https://mysmartlogon.com ***/

mimikatz(commandline) # lsadump::dcsync /user:inlanefreight\lab_adm /domain:inlanefreight.local
[DC] 'inlanefreight.local' will be the domain
[DC] 'ACADEMY-EA-DC01.INLANEFREIGHT.LOCAL' will be the DC server
[DC] 'inlanefreight\lab_adm' will be the user account
[rpc] Service  : ldap
[rpc] AuthnSvc : GSS_NEGOTIATE (9)
ERROR kuhl_m_lsadump_dcsync ; GetNCChanges: 0x000020f7 (8439)

mimikatz(commandline) # exit
Bye!

https://academy.hackthebox.com/module/143/section/1457

#

ah, the /domain argument was wrong when creating the golden ticket - should have been logistics.inlanefreight.local

small echo
#

Hello, I'm having some trouble on a question on Linux Fundamentals module, where should I ask for help? 🙂

small echo
weak current
peak bear
small echo
#

If anyone could help me with this question, I'm doing a curl on the box, but its not returning anything.
I tried not to use chatgpt and already checked: man curl, but did not find anything

peak bear
small echo
#

but there is some problem on the connection

peak bear
dry falcon
weak current
small echo
peak bear
small echo
peak bear
#

yeah just use that, nothing special about the pwnbox necessary for this question.

weak current
peak bear
#

how are you determining where the shell is uploaded?

weak current
peak bear
dry falcon
weak current
weak current
dry falcon
#

may be giving wrong path

peak bear
weak current
peak bear
weak current
peak bear
weak current
peak bear
#

ok, so specifically why do you think you should be looking for a file named 260704_shell.phar.jpg

compact patrolBOT
#

No hints are allowed for the duration of the event. Once the event is over, feel free to share solutions.

weak current
peak bear
#

correct, and why would it be 260704_shell.phar.jpg

weak current
#

ohhh I have to name it that before uploading
// rename before storing
$fileName = date('ymd') . '_' . basename($_FILES["uploadFile"]["name"]);
$target_file = $target_dir . $fileName;

peak bear
weak current
#

so shel.phar.jpg would have gotten name 260704_shell.phar.jpg on the server

peak bear
#

the 4th of july 2026?

weak current
#

i cant list the directory anyways, im like sniping it at this point

#

oh it's 260407_. But you are supposed to find the file like from the url and I get a 404

peak bear
#

what year is it?

weak current
#

oh shit that was a 250407_ earlier

knotty terrace
#

hello, question on android fundamentals. I'm currently in Android Emulator section and I'm stuck with the question number 2 asking for build number. I followed the instructions but it keeps prompting incorrect answer.

peak bear
# weak current

should be GET not a POST, but i would still expect that to not 404 if you uploaded the shell successfully

weak current
peak bear
weak current
#

yeah I tried that, I think it was delete a function and add your extension to the list.

#

i swear they patched this thing

peak bear
#

it is a +7 cube question, so it is quite demanding

weak current
rustic sage
#

How to get access to general

wanton compass
#

How do I upload image

#

Help I got an Internet service not my own location

unreal seal
#

Can some help me in what is the issue in this case?
I am trying to use ligolo-ng SSL certificate for my connection but it is giving errors.
I am testing it on Pivoting, Tunneling and Port Forwarding Module Skill assessment.

acoustic owl
daring cliff
#

hello i have a problem with
YARA & Sigma for SOC Analysts

Use Chainsaw with the "C:\Tools\chainsaw\sigma\rules\windows\powershell\powershell_script\posh_ps_susp_win32_shadowcopy.yml" Sigma rule to hunt for shadow volume deletion inside "C:\Events\YARASigma\lab_events_6.evtx". Enter the identified ScriptBlock ID as your answer.

its possible explain what i have to do

nice regards

glass locust
glass locust
last bronze
#

Guys I switched to Kali Linux as Main OS from Windows. From that time I am facing an issue in charging. The battery percent suddenly shoots up and down. From 100 to 81 normal then suddenly 0. This happens in 3-4 minutes. Similar during charging.
What should I do, other than switching to a different OS?

#

2025-04-07 19:02:15 status=Discharging percent=82
2025-04-07 19:02:16 status=Discharging percent=82
2025-04-07 19:02:17 status=Discharging percent=82
2025-04-07 19:02:18 status=Discharging percent=82
2025-04-07 19:02:19 status=Discharging percent=82
2025-04-07 19:02:20 status=Discharging percent=0
2025-04-07 19:02:21 status=Discharging percent=0
2025-04-07 19:02:22 status=Discharging percent=0
2025-04-07 19:02:23 status=Discharging percent=0
2025-04-07 19:02:24 status=Discharging percent=0
2025-04-07 19:02:25 status=Discharging percent=0
2025-04-07 19:02:26 status=Discharging percent=0
2025-04-07 19:02:27 status=Discharging percent=0
2025-04-07 19:02:28 status=Discharging percent=0
2025-04-07 19:02:29 status=Discharging percent=0

unreal seal
drowsy ingot
iron plaza
drowsy ingot
#

real

acoustic owl
unreal seal
#

then what is the use case of this in ligolo-ng?

jagged vault
unreal seal
#

Then why it shows, let's encrypt acme autocert?
how can we use let's encrypt certificate to encrypt our current ligolo session.

thin citrus
#

@jagged vault Try then Privileged access management (PAM) that is the only two i know

jagged vault
#

@thin citrus thank you sooo much, I've got it

quick crane
#

lol

acoustic owl
gray yacht
gray yacht
iron plaza
keen needle
#

Hey, before I leave it running all day, is the brute force attack in password mutations supposed to take more than an hour or did I mess up an earlier step

hallow summit
#

Hi guys, can someone help me? I’m new to pen testing and have a dumb question…

#

I’m doing appointment module on htb, how do I know where something downloads to after doing git clone (url) command?

#

Also it would be a big help if someone could tell me how to access general chat

novel onyx
#

Been trying to figure out the general chat thing as well.

hallow summit
gloomy stump
#

you have to verify yourself

hallow summit
#

Ohhh thank you I got it

#

In the meanwhile, does anyone know the answer to my question about git clone?

fathom pendant
foggy monolith
#

DACL Attacks II § sAMAccountName Spoofing

Getting a KDC_ERR_PREAUTH_FAILED on attempt to use the TGS retrieved using the spoofed account, and curious as to why. Any /etc/hosts modifications necessary?

hallow summit
#

Um there’s no account identifier on my profile

#

I’m in user settings of hack the box

weak current
hallow summit
#

But I’ve only got discord mobile

foggy monolith
hallow summit
#

This is hurting my heart so much right now

#

Can you really not help me with my question until I do this verification?

fathom pendant
#

I don't like diverting channels off-topic

hallow summit
#

Can you dm me then?

fathom pendant
#

You can use the web version of discord if you can't/don't want to download desktop

fathom pendant
fathom pendant
hallow summit
#

Okay you guys seem a bit stuck up and I’d rather not have ur help then

#

Bye

#

No Marcie

fathom pendant
#

I just don't do help with starting-point stuff

#

I haven't touched it in ages

#

So i wouldn't be of much help

hallow summit
#

Yeah but the way I ask for help and you’re just like “no”

#

Just cos you don’t know me, have some manners

fathom pendant
#

Because you asked a yes/no question

hallow summit
#

So you just follow rules your whole life?

fathom pendant
#

And i might be busy

#

Either way we're diverting off-topic; i gave you ways to solve the issue of getting your account ID so that you can verify and get help in proper channels

#

I get you may be frustrated with the lab, so I'm not taking your frustration personally. I used to work helpdesk, so par for the course

hallow summit
#

So I have one question and the way to get ONE answer I have to download discord on computer, find my details for discord, wait for email verification for discord, do the account verification thing, ask my question again, wait for a response ?

#

All because you don’t want to spend 3 minutes

fathom pendant
#

Thats the way this server operates, yes

hallow summit
#

That’s the way you choose to operate it though

fathom pendant
#

Not to mention verification unlocks a whole host of other channels

hallow summit
#

Because you’d rather just not help me in dm

fathom pendant
hallow summit
#

U could dm

#

U just didn’t want to

fathom pendant
#

As i told you; haven't touched starting-point in ages

#

And i don't have notes on it

#

So it'd be pointless

hallow summit
#

But u do know about git clone if ur beyond starting point and if its basic?

fathom pendant
#

git clone <link to repo>

#

That easy

hallow summit
#

Yeah exactly so my question wasn’t anything you’d need notes on

#

It was literally how do I know where it goes after doing that command?

fathom pendant
#

It tells you where it downloads to

#

Cloned to <directory name>

#

Usually directory name is the same as the repo name

#

This is also stuff you can quickly and easily Google, instead of getting riled up over it.

#

First result on google

keen needle
hallow summit
#

I’m not riled up over looking it up, I get annoyed that everything is made so complicated because people have egos

#

Thank you for explaining it to me

fathom pendant
#

I don't have an ego

hallow summit
#

That’s literally all I needed

fathom pendant
#

An ego would be me telling you "skill issue, read the docs"

hallow summit
#

So if u needed help and I said “no” and that was it

#

You’d be like such a nice lady?

fathom pendant
#

I'd be like "eh ok"

#

Not looking deeper into it

hallow summit
#

Yeah because you like rules though

fathom pendant
#

Not sure where you're getting at with this

hallow summit
#

You just helped me

#

Why act like I was asking for so much

#

It took 5 seconds

fathom pendant
#

I just think you're reading too much into it

#

I don't dm regarding most things

#

Only dms are open for:

  • server related issues bc mod
  • business reasons
#

Thats it

hallow summit
#

Why are you on here if not to help people with htb?

fathom pendant
#

It's not solely bc "rules" it's because in my experience; people tend to ask questions in dms that extend way past their original question i agreed to

#

I do help; but it just depends on the topic

#

If it's a module I've done? Sure I'll give a nudge or two

#

Most things beyond that, if it's not to do with moderating the server - i tend to stay in my own lane

hallow summit
#

Your profile literally says offering mentorship and tutoring but okay idm that but I was asking for something so easy for u, it shouldn’t have been so hard to get it

fathom pendant
#

I don't do much mentor/tutor outside that, and it's not free

median meteor
#

Hey! Anyone completed Android fundamentals? I'm bit stuck for question that asks for build number when there is need to create avd - Pixel 3a API 34 Google APIs, build number is the one from settings, right?

hallow summit
#

Btw Marcie Appointment Write-Up has wrong instructions

#

I don’t know if they updated it

fathom pendant
compact patrolBOT
hallow summit
#

No im just saying thats why im asking my question

#

It’s not googleable like that

fathom pendant
#

Tools update, syntax changes, life moves on

hallow summit
#

How long did it take you to learn pen testing Marcie?

fathom pendant
#

Well it would have been faster but a bit over a year

hallow summit
#

Ohh so you did it during a time when there wasn’t hack the box?

fathom pendant
#

No

hallow summit
#

Or did u learn from hack the box?

fathom pendant
#

Life stuff happened

#

So had to take a break

hallow summit
#

Oh sorry

#

It seems like it’s better now though?

#

Also did u have background in learning this stuff before hackthebox or were u completely new?

fathom pendant
#

Didn't even know what nmap was

hallow summit
#

Oh

#

K well thanks

jagged vault
#

@thin citrus please I'm stuck with another question

The question says Find out the machine hardware name and submit it

Have tried but not getting it

fathom pendant
jagged vault
#

@fathom pendant no

fathom pendant
#
  1. Instead of @ someone; the reply feature exists
  2. What module and section then?
jagged vault
fathom pendant
novel onyx
#

I have a question if anyone is available?

median meteor
fathom pendant
jagged vault
fathom pendant
#

We don't do that here; see #rules

fathom pendant
jagged vault
fathom pendant
#

I believe the section gives you info on how to ssh

jagged vault
fathom pendant
#

Different sections of the uname -a are for Different things

#

I believe the section goes over this

jagged vault
#

Because I have issues with installing Linux on my pc

fathom pendant
#

(On free account)

alpine ingot
#

Im on the skill check part of the linux local priv esc and i cannot get flag4. I'm pretty sure its something to do with mysql but i cant get the login.

thin citrus
#

@jagged vault look at uname -h for options

fathom pendant
alpine ingot
#

I'm cooked 😦

fathom pendant
#

Take a step back and re-evaluate your situation. Try everything that was taught, even things like default passwords or history

alpine ingot
#

😦 if its a default password im going to probably think about it for the next 3 days.

#

thank god its not but im still stuck. I will msg back if im still stuck in like 10 minutes

alpine ingot
#

yeah still nothing.

thorny vigil
#

I've tried all its not accepting anything anyone know what is it?
I've tried -
MAC
MAC address
Hardware address
Ethernet address
Physical address

fathom pendant
fathom pendant
#

name is slightly more helpful for other users in the future if they run into the same issues

thorny vigil
#

Intro to Network Traffic Analysis -Networking Primer - Layers 1-4

fathom pendant
#

it's in that format several times in the section

thorny vigil
#

Appreciate the help Marcie! Honestly though, they really should mention the format requirement in the question itself. Spent way too long trying every valid term-would’ve been so much easier if it just said 'use word-word format' upfront

fathom pendant
#

3/5 times that "MAC" appears, it appears with the hyphenated spelling

#

the only time it's not is when they define what MAC is (Media Access Control) or with the separation (IP and MAC)

thorny vigil
#

If a question is about technical accuracy, the format shouldn’t be a guessing game.

fathom pendant
#

  1. Can't access #general ?
  • read and follow #welcome, there are instructions at the bottom of that channel for connecting your HTB labs account to gain access.
  • The "Finished Reading Go to <channel>" is a byproduct of Discord, it's not something that HTB can control, it's just how the Read Only channels work.
  2. Want to post images/embed so it's easier to explain your issue?
  • see above, in order to prevent trolls and spammers we limit the embed perms in the academy channels to verified/linked users only
  3. Having a technical issue with a module?
  • If you believe it to be an issue with the module itself, and not with your methods -- #1234357888114364508 with the module and section name (I.E. Getting Started - Introduction) that way the staff that handles it can check and update accordingly, even if it's just a typo.
  4. If it's not an issue with the module itself, ask here and provide the module and section name -- plenty of people in the community willing to help, if you need to reveal syntax redact things like subdomains, usernames, and passwords, spoiler tags don't really do much, since anyone can click on them.
  • common redaction format for usernames and passwords is first character followed by an asterisk * w* (for example for a username like will);
  • common redaction method for subdomains/domains would be like x.example.local, or sub.do.main
  • If you're unsure of the module/section name you can look at the top left of the page (scroll to the top) the module name will be at the top with a ❀️ next to it, the section name is just below that.
  5. Curious how the cube system works and the subscriptions?
  6. Your question is unrelated to academy?
  • see point 1, linking your account grants access to a lot more of the server.

thorny vigil
#

Just saying... if the answer is technically correct but still wrong because I didn’t match their secret hyphen club formatting - that’s not assessment, that’s trivia night 😎

fathom pendant
vocal galleon
#

Can someone help me with the third flag in the Active Directory Trust Attacks – Skill Assessment module?

fathom pendant
#

Weird that it's trying to connect to mit for the proxy

sick whale
#

Hello hello,

Quick question on Lateral Movement (Windows).
On the WSUS part, I followed all the instructions, user now is part of Admin group. Yet...

Somehow flag isn't where it should be according to the question. What did I miss?

rose stratus
fathom pendant
#

Wait; misread

#

Ignore me

weak current
weak current
#

alright its just like a random Jane Smith and really long custom wordlist

fathom pendant
#

Yep. And they tell you how to shorten the list

cerulean hinge
#

I'm finally done with all the module of the CPTS course (outside the reporting one I keep for few days before the exam).
I wanted to try to do a prolabs to keep working on my methodology & enumeration skills but I don't know which one to take between P.O.O, Zephyr & Dante. Do you have any advice please ?

fair cloud
#

am i supposed to use pwnbox or am i allowed to use my own openvpn+vm setup, for doing exercises on the modules

#

i accidentally closed my pwnbox so i went w ovpn+vm, but some commands are funky

#

for example, ls does not work (shows no input), and i tried sudo'ing it but it was a nono

gray yacht
fair cloud
#

open kali running on vm > openvpn > ssh

magic mango
#

on the final part of SMB Footprinting. The question is: What is the full system path of that specific share? (format: "/directory/names")

I feel like i've used the right cmd but i'm getting C:\ and the hint states linux doesn't use C:\ what am i missing?

cerulean hinge
#

Bruh, if I were able to do the APTLabs, I wouldn't be worried about the CPTS exam

undone juniper
#

Better go with Zephyr then haha

cerulean hinge
#

Ok thanks !

wet arrow
#

e.g. for users folder
Windows C:\ Users\john
Linux: /home/john

magic mango
cloud urchin
#

@wet arrow please be sure not to reveal content from modules above tier 0, including commands, IP addresses you need to find, etc.

small willow
#

Can anyone help me setup the introduction to malware analysis debugging lab. I'm using the pwnbox for INetSim but its saying failed when I try and run it

cloud urchin
#

@small willow Please do not reveal content from modules above tier 0

quiet halo
#

what's the difference between LSA and LSASS?

#

the password attacks module pretty much explains it to be the same

fathom pendant
quiet halo
#

yeah I found that when I googled it

#

to me, it seems like it's the same thing

#

also, i'm so confused on what the diff between LSASS and Kerberos is. I keep seeing that LSASS is still used to authenticates users even when the computer is domain joined. I thought that's what Kerberos is for.

#

my understanding is that LSASS is used on non-domain computers

#

and Kerberos for domain-joined computers

cloud urchin
#

Kerberos is a network authentication protocol used in domain environments that identifies securely using tickets. LSASS is a Windows process that enforces security policies and manages authentication, including Kerberos and NTLM. Basically Kerberos is an authentication protocol while LSASS is a process/service that implements and manages authentication methods.

#

No. Not what this discord is for.

#

This server is for discussion about HackTheBox's various platforms, it's not a hacker for hire server.

late jungle
#

There are two directories that I want to list the contents of. I've done it with public and it worked. However, I'm unable to do the same on Anonymous Share. I've shared the error below.

#
rsync --list-only [IP]::Anonymous Share

@ERROR: Unknown module 'Anonymous'
rsync error: error starting client-server protocol (code 5) at main.c(1863) [Receiver=3.2.7]

#

(Note: I do not actually need to access Anonymous Share to complete the module but I just want to try stuff)

ocean night
#

Which module is this for?

#

This channel is for Academy modules

heavy hearth
forest panther
#

Hello Everyone, I would like your opinion regarding HTB Academy,

I'm doing the Bug Bounty Hunter program,

Currently on Using Web Proxies. On step 3 out of 4 it asked me to Fuzz the last character of the 31-characters to submit the completed md5 hashed cookie.

I felt the Academy didn't go into much detail of encoding chains. I found myself doing research outside of the Academy. [Being in IT for 8+ years, I'm aware a lot of troubleshooting/learning is researching.]

For those who have used HTB Academy, do you find it informative and straightforward or do you find yourself still researching to understand your objectives more clearly?

naive fulcrum
#

I got a special code from hack the sphere (the April fools event). Where do I use it and what does it do?

ocean night
naive fulcrum
#

Thx

waxen totem
desert pelican
#

Anyone can help me?
I get this error when I followed steps as is.
Start-Dnscat2EncInit : Failed to negotiate encryption. Ensure your dnscat2 server is set up correctly.
At C:\Users\htb-student\Desktop\dnscat2-powershell\dnscat2.ps1:1462 char:20

+     $Session = Start-Dnscat2EncInit $Session $False
+                ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException
    + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Start-Dnscat2EncInit
waxen totem
weak current
desert pelican
waxen totem
#

can the client machine reach the server machine on port 53? (you can use nc.exe to confirm this)

desert pelican
# waxen totem are you positive that it's running?

Sry, I got this
dnscat2> window
0 :: main [active]
crypto-debug :: Debug window for crypto stuff []
dns1 :: DNS Driver running on 10.10.14.183:53 domains = inlanefreight.local [
]
dnscat2> /home/a/dnscat2/server/libs/swindow.rb:381: [BUG] Segmentation fault at 0xffffffffffffffff
ruby 3.1.2p20 (2022-04-12 revision 4491bb740a) [x86_64-linux-gnu]

-- Control frame information -----------------------------------------------
c:0004 p:---- s:0019 e:000018 CFUNC :join
c:0003 p:0005 s:0015 e:000014 METHOD /home/a/dnscat2/server/libs/swindow.rb:381
c:0002 p:0867 s:0011 E:000bd8 EVAL dnscat2.rb:217 [FINISH]
c:0001 p:0000 s:0003 E:001180 (none) [FINISH]

-- Ruby level backtrace information ----------------------------------------
dnscat2.rb:217:in `<main>'
/home/a/dnscat2/server/libs/swindow.rb:381:in `wait'
/home/a/dnscat2/server/libs/swindow.rb:381:in `join'


waxen totem
desert pelican
#

how do I resolve this?

waxen totem
#

You doing this on the pwnbox or your own vm?

desert pelican
#

my own machine

#

shall I do it on a pwnbox?

waxen totem
#

use the pwnbox to get through the section for now, I recommend uninstalling dns cat on your main machine for now

#

I assume it's a ruby version mismatch but it's hard to say

desert pelican
#

I'll try that tomorrow morning after a sleep. thanks for the tip

thin citrus
#

Anyone for SA advanced XSS and CSRF available?

acoustic owl
cloud sinew
teal stirrup
#

Anyone else having ovpn file issues. Can't connect to anything.

acoustic owl
cloud sinew
teal stirrup
#

ok now it's working I have no idea

acoustic owl
compact patrolBOT
silk lagoon
#

For Broken Authentication - Brute-Forcing Passwords

in the grep command; I first gunzip the .gz txt file, then after I run the command it gives me a "binary file matches", after I used grep -a and still the same. Am I tripping??

#

The one in Passwords/Leaked-Databases/ didn't work.

silk lagoon
#
grep: /usr/share/wordlists//rockyou.txt: binary file matches


grep: (standard input): binary file matches
placid scroll
#

Hey there, I'm having a silly issue on The Anatomy of a Shell, https://academy.hackthebox.com/module/115/section/1103

The task is really simple and just asks for the version of Powershell. However, tried running $PSversiontable and inputting the version in any variation I can think of (7.5.0, PowerShell 7.5.0, PS 7.5.0) and much more. I've also tried manually brute forcing every major version of PowerShell down to 7.0.0, like "7.4.6", "7.4.5", "7.4.4" etc.

I've also tried all the other numbers listed there, like 2.3, 1.1.0.1 etc.

I keep getting "Error Incorrect Answer". It doesn't much matter as it's kind of a silly task, but I do want that checkbox and it does bother me, lol.

Do I really have the wrong answers (or wrong format) or is this a bug (perhaps the Pwnbox PS version was updated since this module was made)?

autumn pilot
#

read the question again

placid scroll
#

Silly me... Got it now. I could have sworn I already tried that in various variations, but obviously I must have missed the very basic one. Thanks.

thin parrot
#

Is anyone having an issue with target web pages taking 5+ minutes to load?

#

Trying to pull up a web page in portswigger and it.. just isn't

#

On my pwnbox, through firefox, it took minutes

#

This one is still going 5+ minutes later

#

Also very frustrating that we're suddenly expected to know how to use burpsuite when it still hasn't been introduced in the pen testing line 😓

#

nvm.. think i have it figured out finally

#

oh man that's incredible you can literally STEP between each request???? Why has this not been introduced already god I love this

hearty fox
#

Did somebody solve the exercise "PEAP Relay Attack" in the "Attacking WPA/WPA2 Wi-Fi Networks" module (https://academy.hackthebox.com/module/282/section/3176)? The wpa_sycophant script cannot be started:

wifi@HTB-Corp:~$ sudo /opt/wpa_sycophant/wpa_sycophant.sh -c wpa_sycophant.config -i wlan2
SYCOPHANT : RUNNING "./wpa_supplicant/wpa_supplicant -i wlan2 -c wpa_sycophant.config"
SYCOPHANT : RUNNING "dhclient wlan2"
/opt/wpa_sycophant/wpa_sycophant.sh: line 61: ./wpa_supplicant/wpa_supplicant: No such file or directory

I fixed line 10 to
supplicant="/usr/sbin/wpa_supplicant"
then the script starts but doesn't show the ASCII art and will fail EAP authentication:
wlan2: CTRL-EVENT-EAP-FAILURE EAP authentication failed
wlan2: CTRL-EVENT-DISCONNECTED bssid=dc:4b:03:39:bd:7a reason=23
wlan2: CTRL-EVENT-SSID-TEMP-DISABLED id=0 ssid="HTB-Corp" auth_failures=2 duration=39 reason=AUTH_FAILED

Can anybody help?

thin parrot
#

Shells & Payloads assessment seems to be impossible

Referencing "The Live Engagement"

You're required to do everything through the parrot vm that you connect to through XfreeRDP. However this VM is unequipped with any sort of internet browser which the literal second question requires you to utilize taking the reverse shell route.

#

I've been here for an hour trying to figure a way around this but have found no resolutions. I'm going to bed but please ping me with a fix or whatever I'm doing wrong please.

#

I'm still struggling to figure out how you're supposed to know to use a ||stageless attack|| and as to which ||payload to use, in this case I'm seeing people using java_jsp shell.war|| I'm pretty lost as to how to approach any of this and I'm feeling too overwhelmed to even think straight. The lack of resources to cover these topics directly is exhausting.

safe star
thin parrot
#

I'll figure that out in the morning then. I'm still not sure how the fuck I'm supposed to know which specific war payload to use. Everywhere online only shows answers no methodology or explanation of logic behind it.

tender nimbus
#

Hey guys does anyone know how to convert a ntds.dit dump file in a hashcat format for cracking?

forest panther
# cloud sinew With the amount of issues I'm having with trying to connect to their Window mach...

Yes, the fact that I paid for the course, I was expecting to be presented with some in-depth concepts that would be difficult to obtain elsewhere. It looks like the content that we are paying for isn't necessarily a hand-holding class. It's more like we're simply paying for the environment (infrastructure) that they had configured to test our skills. With just enough context and concepts to get you thinking.

What's your issue with connecting?

junior roost
#

I have an issue here either my scans are not giving me the right service or HTB needs to review,
i am working on Pentest In A NutShell >> Linux Pillaging >> Which version of vsftpd is installed on the target system? (Format: x.y.z)
PORT STATE SERVICE REASON VERSION
21/tcp open ftp syn-ack ttl 63
| fingerprint-strings:
| GenericLines:
| 220 ProFTPD Server (Debian) [10.129.233.210]
| Invalid command: try being more creative
|_ Invalid command: try being more creative
22/tcp open ssh syn-ack ttl 63 OpenSSH 8.9p1 Ubuntu 3ubuntu0.7 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
| 256 3e:ea:45:4b:c5:d1:6d:6f:e2:d4:d1:3b:0a:3d:a9:4f (ECDSA)
| ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJ+m7rYl1vRtnm789pH3IRhxI4CNCANVj+N5kovboNzcw9vHsBwvPX3KYA3cxGbKiA0VqbKRpOHnpsMuHEXEVJc=
| 256 64:cc:75:de:4a:e6:a5:b4:73:eb:3f:1b:cf:b4:e3:94 (ED25519)
|_ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOtuEdoYxTohG80Bo6YCqSzUY9+qbnAFnhsk4yAZNqhM

There is proftpd no vsftpd

snow wolf
#

did you try -p- --min-rate=1000

junior roost
#

-sVC -vvv -Pn

junior roost
snow wolf
#

I'm new here so my questions might be dumb

junior roost
#

Nah no dumb questions

snow wolf
#

maybe vsftpd is on a port higher than the default 1000

#

but default seems to be 21 so..

ionic musk
#

Hello everyone... I just got access to a box and I discover a sub-domain that is not reachable from the outside. The web server running behind it is nginx. I can reach the root domain soccer.htb but not soc-player.soccer.htb. I've already updated my /etc/hosts. Every time I try to navigate to soc-player.soccer.htb, I get a 502 error. Can anyone help me solve this problem?

brave prawn
#

Can I DM someone on module "Introduction to Crackmapexec" skill assessment?

forest panther
#

@junior roost , it may be the flag you're using. I've had some issues where I know a service is on the machine but couldn't get nmap to detect it until I had the correct flag in.

ionic musk
glass locust
shadow grove
dark jay
#

hello

#

can anyone help with linux privilege escalation?

ionic musk
#

Thanks a lot @shadow grove . It worked for me.

raw bear
#

hey there, lately I've been struggling a lot to complete my rooms because of poor performance of htb servers, I keep getting timed out while bruteforcing, connecting to any service etc... this is slowing me down to crazy extents. Is there any way to fix that ? I tried switching servers, vpn protocol (udp/tcp) etc... but yeah nothing seems to work my connection to the target is always bad, (from my own machine through vpn or from the pwnbox)

autumn pilot
#

reach out to support via the website and the green bubble

raw bear
#

tried that but the chatbot keeps telling me that I should look for support somewhere else

glass locust
autumn pilot
#

change the context of the support inquiry and deliberately ask to contact a human

fathom pendant
dark jay
#

well on the first module Environment Enumeration any ideas or give me directions on what to look for

raw bear
dark jay
#

yea so flag should contain HTB{ ....... smth()} as far as we know and i just bash script for potential flag files right?

#

seems fun ):: i hate linux priv esc

glass locust
#

simple find / grep should work as long as you're filtering by a filename

dark jay
#

yea thanks!!!

fathom pendant
dark jay
misty jewel
#

Hi, is there a way to copy the entire config (appearance, menus, terminal, etc.) from the Pwnbox to my local Parrot OS vm (HTB)?

fathom pendant
#

I mean you can just install the htb version of parrot

#

It'll be close enough

#

But you'd have to dig through configs and .bashrc to mirror it exactly

misty jewel
#

I did, but there's still quite a big difference. The matemenu is also designed differently (the VPN indicator, etc.). I was thinking maybe there's a way to apply it automatically to every VM. Thanks for the quick reply! 🙂 I guess I'll dig through the configs then.

dark hedge
#

you can steal the .bashrc to get the bash prompt

#

the MATE terminal colors you can also steal if you go to the settings

misty jewel
#

ohhh, that's awesome @dark hedge ! so, just the .bashrc and terminal colours etc. through the interface? thanks for helping out! 🙂

dark hedge
#

yea. you'll also have to configure the MATE bar or whatever it's called

misty jewel
#

okay, thanks a lot!

dark jay
#

this command is right but it does not return anything

#

maybe the server is down or smth do any of you have any idea?

fathom pendant
#

Why not connect via openssl

dark jay
#

yea i did it with openssl

#

but curl should have worked also

#

idk

fathom pendant
dark jay
#

oh reaaally?

#

nah bro chatgpt tricked me he said that command should work

fathom pendant
#

Also i believe the section shows some curl commands, could be wrong though

dark jay
#

with K

fathom pendant
#

are you connected to the vpn and spawned target ¯\_(ツ)_/¯

#

Idk specs can change