Hack The Box Bastion Forum. vhd or which is the way to start. i will try to complete the scri

vhd or which is the way to start. i will try to complete the script and if any on is interested, feel free to PM me May 15, 2019 · Allright i am sorry but i am stuck with the VHD files , don’t know what to do with them, yes i have got them but i don’t know how to extract any useful thing from them,any nudge in the right direction will be appreciated May 11, 2019 · Starting the conversation… 20 point box… thank god :smiley: Aug 30, 2019 · Starting the conversation… 20 point box… thank god :smiley: Aug 17, 2019 · Type your comment> @DameDrewby said: Type your comment> @bashocker said: Frustrating box for us new at pen testing. There is NO NEED to download the vhd files. Apr 30, 2019 · @xdaem00n Hello, I have mounted the unit . May 5, 2019 · Type your comment> @1c4re1337 said: my advice don’t really need to M*** V** just open it with 7** for example for user don’t search into B*** searh how to lo**on Root google is your best friend For root are we supposed to actualy decrypt the pw? My Windows box with a newer version of the program doesn’t recognize the pw? Apr 27, 2019 · Starting the conversation… 20 point box… thank god :smiley: May 31, 2019 · Quite a fun box - hit a few hurdles because I didnt have libguestfs-tools and cifs-utils installed but with them, it was nice and straightforward. I use windows and attach the VHD go thru the files inside found nothing. Switched to Windows last hurdle Aug 5, 2019 · Type your comment> @r0mka said: Type your comment> @MrJippolatta said: Having trouble mounting the VHD using guestmount - files aren’t showing up. Jul 25, 2019 · Rooted in Kali. Apr 27, 2019 · There is NO NEED to download the vhd files. no luck … pls share some hint. If you need anymore help shoot me a PM and I’ll be more than happy to assist! Jul 19, 2019 · This was great! Loved the experience! Love to know what someone used to decrypt admin, took me a bit because all of the scripts I tried failed. Learned alot from box… May 1, 2019 · Taken user and root! Thanks @L4mpje for the box! Feel free to dm for hints. Windows 10 worked fine for me for ‘reading the large file’. If you need assistance feel free to PM me on here or on Discord. No need for windows VMs or Apr 29, 2019 · I was just wondering if the v*d part can be done over powershell, if so we can install ps on linux and the do the stuff Aug 4, 2019 · Finally Rooted! Nice box, Thanks @L4mpje Thanks all for the help… Apr 28, 2019 · Machine owned. Message me if you’re May 1, 2019 · can someone explain to me from where did they got the . Got alot of positive feedback so far, thank you guys. You can get one free from Apr 27, 2019 · Type your comment> @B3LL4T0R said: Guys I found the RCE! that’s a rabbit hole ☹ May 11, 2019 · Got my 20 points for this fantastic and realistic box. Aug 23, 2019 · Super noob here, but I’m still trying to gain access to this box. Jun 7, 2019 · Type your comment> @qmi said: Type your comment> @illuminatiguy said: There are 2 vhd files! Should i combine them into one? or view them separately? No, no need to combine them. v** mounted, got the NT*M hashes but where do i go from there? Ive been stuck on this since 2 days ago! Maybe someone could PM me just 1 more step i would really appreciate it. I cant mount the . So I was able to create the h***. Can someone drop me a hint in PM? Jun 9, 2019 · Starting the conversation… 20 point box… thank god :smiley: May 3, 2019 · if anyone has rooted the box and has some pointers in the right direction dm me id be greatfull, thanks Check what applications are installed on the server. I got user hash though but seeing the discussion, i am afraid i won’t be able to get root. Xml file. Apr 27, 2019 · Starting the conversation… 20 point box… thank god :smiley: May 31, 2019 · Quite a fun box - hit a few hurdles because I didnt have libguestfs-tools and cifs-utils installed but with them, it was nice and straightforward. Actually it was simple, but I lost several hours trying to decrypt one thing, because I did not want to use one small tool downloaded from Net. Jul 10, 2019 · Had a lot of fun with this today, completed all with Kali, learning loads on the way! Apr 28, 2019 · was Bastion down and too slow with everyone or just Me face this issue Aug 13, 2019 · Rooted on Linux only. Five days on and off to fully root this box. But thanks to the work of @kmahyyg i owned the box completely from Linux. Jun 19, 2019 · Howdy all, this is my first real box to try. This will let you grab just the things you need. It’s possible. Is there anyone else who has the same problem? May 31, 2019 · Quite a fun box - hit a few hurdles because I didnt have libguestfs-tools and cifs-utils installed but with them, it was nice and straightforward. Google is your friend. Apr 27, 2019 · hey is the . txt with the files on the . Feel free to PM me with any questions May 6, 2019 · @k3NETicHEx said: Would anyone that was able to get root without windows mind DM’ing me for hints? I do not possess any window instances and all i’m seeing in the forum is that should be the path we take. Any suggestions? That’s the only one you should need Thanks! I have been trying to figure this part out for no reason Aug 2, 2019 · Rooted! Very nice box, it was my first windows box and I am beginner so learned few new tricks! Thanks L4mpje ! All via kali and terminal, no need to download vdi, no need to boot windows VM. Learned a TON from getting user, especially ways to avoid having to use a windows VM 🙂 I’m grateful it was something modern as well. Jul 31, 2019 · Very nice box, it was my first windows box and I am beginner so learned few new tricks! Thanks L4mpje ! All via kali and terminal, no need to download vdi, no need to boot windows VM. Root hint: Look for unusual programs, google that bad boy. I also learned a lot about a certain 3-letter file on Windows. Just to add it can be done with kali only, you don’t need a windows host to help. Just look into each and seek for info. Now I can kill the box and look for my next challenge. I think I have found the program and the Cg file. Lost a lot of time not using s** . I’m connected to the vpn and trying to crack the ssh password with hydra but no luck. Aug 5, 2019 · Type your comment> @MrJippolatta said: Type your comment> @r0mka said: Type your comment> @MrJippolatta said: > Having trouble mounting the VHD using guestmount - files aren't showing up. Rooted in Parrot Sec . dont over think its simple after the first mounting and the V**. Just hoping someone can DM, and help me through the steps, I’m not asking for exact answers. Is that the same for everyone else? May 13, 2019 · Can any one direct me in decryption of the password obtained from Co****. All in all very satisfied. Jul 24, 2025 · I had a great time installing and configuring the necessary tools for the Engagement of the machine, plus I was able to assimilate new concepts that I really did not know deeply. Usually enumeration and research is a drag but somehow this box made it seem interesting and achievable. Jun 4, 2019 · Starting the conversation… 20 point box… thank god :smiley: Aug 3, 2019 · Even though this is a “easy” machine, but it’s my first. Am I doing something wrong? Apr 28, 2019 · Iam also struggling to find the software Iam using win10 if this helps Jun 7, 2019 · i was able to mount the vhd files to my machine. Just a helping hand, thank you! Aug 4, 2019 · Starting the conversation… 20 point box… thank god :smiley: May 3, 2019 · Great box, thanks @L4mpje! And thanks @cyberus for hints. I have got the root hash w/o using Windows VM at all and by following the tips here in the forum thread. May 28, 2019 · With this box I recommend actually learning what is happening instead of just rushing through it to get it done. Dec 8, 2023 · This box covers realistic Windows environment misconfiguration such as unauthenticated file-shares, vulnerable apps, and insecurely stored password configuration files. use J** to crack it work great. In the second file I have found something which could possibly be de-crypted Jul 24, 2019 · Make sure to activate the Virtualize Intel VT from your CPU in the VM Settings otherwise you can’t mount inside kali another thing. Sep 7, 2019 · I wrote two write-ups for this box, this one solving it with Linux (Kali), Second one solving it with Windows (CommandoVM). I have managed to get the user text file based off the information in the forum so far but I am struggling with root/administrator. i have got through windows. Jun 14, 2019 · Type your comment> @M160 said: I have a question, so I’ve mounted the VHD file using guestmount, then after that I’ve searched through the directories but so far I didn’t find anything interesting. Am I on the right track or am I missing something? Apr 30, 2019 · Type your comment> @Vex20k said: I’m a bit stuck for root. Had to scratch my head for root, but at last I found out that i was looking at the right place but too deeply… Few tips: User: Enumerate everything and try everything. txt contents from desktop. If someone needs help let me know. Would you mind Aug 4, 2019 · I need to post a thank you to @jaywon because honestly without his help I don’t think I would’ve rooted this box when I did. Sep 8, 2019 · Hack The Box is a free, online penetration testing lab that lets newbies and advanced users alike practice their skills. There are tools that will let you navigate/browse through vhd files remotely, over the network. Getting user was a lot harder for me then root. I’ve done as much enumeration as I know how. You guys said you can mount the file but when i did that its still extremely slow to load. I confirm that I did not use small utility at the end. Utilising a machine vhd backup we dump the users password and use this to access the live system, only to find it has an administrator password stored within a configuration file which we can decrypt using the mRemoteNG. Tips: User is not the typical finding a . I’ve been looking at *R*NG and *PS-*in64 but I’m not sure. (no need 4 BF) and get back 2 them. I believe i’m on the right track but I could really use some direction. vhd a rabbit hole i keep getting booted trying to grab it any suggestions? May 12, 2019 · Very Good Machine, Today I learned a lot about so many things. PM me if you need help. I have also found the cC**. User hint: Don’t download, mount and then mount again. It was my first box and I learned so much! Thank you to @Blu3wolf as well for getting me on the right path. Very fun box, definitely learned a lot about mounting in linux. Can anyone help? This is my first box so extremely new. Apr 27, 2019 · Stuck now ive got access to the vhd files, a nudge in the right direction would be appreciated! May 1, 2019 · Rooted the machine. The adrenaline was at an all time high when I entered the admin mode oh god Sep 3, 2019 · Finally done with it. I tried to create a realistic scenario and I think it succeeded. May 13, 2019 · Type your comment> @vivek7497 said: i am going through the discussions here, and for some reason i have started to feel that i can’t do it on linux machine. . Root part was tricky without a windows vm. Not sure if this is a bug or May 3, 2019 · Idk if i understand mounting. One of them will be your friend 😉 Yeah figured that out, idk why i asked that stupid question! maybe desparation? xD Well, anyways, mounted the right one through the share Apr 27, 2019 · Starting the conversation… 20 point box… thank god 😃 Apr 29, 2019 · Hashcat worked fine, though. Would you mind May 9, 2019 · Got Root! Great box, and yeah use windows it help a lot ? Anyone who need helps feel free to PM May 6, 2019 · Type your comment> @1c4re1337 said: my advice 🙂 don’t really need to M*** V** just open it with 7** for example 🙂 for user 🙂 don’t search into B*** searh how to lo**on Root google is your best friend For root are we supposed to actualy decrypt the pw? My Windows box with a newer version of the program doesn’t recognize the pw? Jun 11, 2019 · Really am dying on root for this one… any hints welcome… I think ive done all my brain could conjure up as far as priv esc… just need a nudge… thanks. You’ll probably have to get a Windows VM set up. vhd what should I look for ? Greetings May 6, 2019 · hi, the connection seems very poor. And had to learn how to search in CMD. It’s a Windows box and its ip is 10. Aug 29, 2019 · Thanks @L4mpje, this was a nice box, certainly felt like a real world scenario. I t can’t install cryptodome module and Icouldn’t solve it. vhd files! John works fine (Tested) u probably didnt specify the hash type. A walk through on getting the invite code can be found here. This community is amazing and thank you everyone for being so open and helpful! Jun 4, 2019 · HTB ContentMachines windows swaim June 4, 2019, 6:09pm 381 bastion\administrator Apr 28, 2019 · Must say, one of the first machines I have done… Really enjoyed every minute and learnt a few new things as well! @L4mpje Amazing! Apr 29, 2019 · FINALLY got root… Great box about real world mis-configurations. Jul 9, 2019 · Rooted, all in linux… very nice box don`t get many windows boxes so it’s good to play with one May 10, 2019 · Starting the conversation… 20 point box… thank god :smiley: May 15, 2019 · Type your comment> @loln00b said: Rooted the machine. Had to scratch my head for root, but at last I found out that i was looking at the right place but too deeply… Few tips: User: Enumerate everything and try May 18, 2019 · Just rooted, anyone up for a discussion on their approach. Wondering indeed if that would be possible using Linux Yes, it’s possible. dont be afraid to get it wrong maybe its the syntax maybe its a sign in the syntax. Jul 30, 2024 · For me, Bastion was a bit hard machine to solve and took me a lot of time. I had a similar issue @gm0 , but samdump2 can do everything bkhive could from what I found on the internet. I completed another, with the help of a personal friend trying to “mentor” me if you will. py script. Any tips or hints toward the right direction? (I read earlier comments about windows enumeration, but googling that shows results where you already have access) Nmap is a good start, now just explore what you found, see what you can get Aug 6, 2019 · Hi this is my first Box. So I can use Kali tools in parallel, for investigating other stuff while using Windows tools only when absolutely needed. Feel free to PM for a nudge! Jul 21, 2019 · @raven37 - you need to access another service with the decrypted password for the user then get user. I completed this without the need for a windows VM which was great. PM if you need a nudge. *R*****NG was the way I got in. Thanks @L4mpje! PM me if you need any hints or nudges. Message me if you’re Apr 28, 2019 · Must say, one of the first machines I have done… Really enjoyed every minute and learnt a few new things as well! @L4mpje Amazing! Apr 29, 2019 · FINALLY got root… Great box about real world mis-configurations. any one have done through linux. For me at first it also was shown as empty when mounted but when i press tab few times i can see the folders, then just cd to any folder and all of them appears. FYI trying without any windows VM in place… I understand Sdp to be used for decrypting… but stuck in a stage where not sure how to open vhd files… tried googling enough. sir john no work for me, i type john hash and it say it it cant load, can asist me please John doesn’t work for anyone, u work for John. For me at first it also was shown as empty when mounted but when i press tab few times i can see the folders, then just cd to any folder and all of them Jun 10, 2019 · Rooted, thanks @L4mpje for creating this box. 10. Google it to find out nice & simple vulnerability in it. some tips : always check your syntax remember the ports that opened and use them. Jul 19, 2019 · Fastest box I ever went from user to root. so i have to switch my box to widows for password… Box was Awesome. i’ve nmapped and tried to google about vulnerabilities of ws2016 but with no luck or any idea. It is fair to everyone that I will say this here aswell, so everybody can read it. Could someone give a nudge? Thanks! you’re on the right track, do your research about that program now May 5, 2019 · Some one cam PM me how they have got credentials for root user. There is at least one, which is somehow different than the others. I would advise to try and use a Linux machine only, to practice mounting. Think about important files in windows Root: like this forum as stated what is on a typical windows build. May 9, 2019 · Got Root! Great box, and yeah use windows it help a lot ? Anyone who need helps feel free to PM Apr 30, 2019 · Hello, I just started scanning, tell me it’s necessary to download the . i have done till the file which has decrypted passwords but unable to get password. Very nice machine… We want more like these (Closer to real life) May 9, 2019 · Hi I have managed to find the S** file and im wondering where to go from here, i tried using O******K to get the pass but that doesn’t seem to work, any help would be appreciated! Apr 30, 2019 · Finally got root with assistance of Damedrewby and Last0x00… Very nice learning experience. Apr 27, 2019 · Hello everybody, Some people did send me a pm about the vhd files. Would like to know more from people who have rooted only by linux and if someone went from root to user instead of user to root. 🙂 Apr 27, 2019 · Type your comment> @FlompyDoo said: Isnt the box not open yet??? for real c00l hackers the opening of box is not necessary May 4, 2019 · @L4mpje Thanks for this box, this was a great experience ! Not hard, not easy, but definitely a realistic experience, I can’t wait to see what would be your next creation Apr 28, 2019 · Rooted both ways (Original program and the little famous program) PM for help. Chrix87 June 1, 2019, 4:26pm 367 Apr 27, 2019 · Starting the conversation… 20 point box… thank god :smiley: Apr 28, 2019 · Type your comment> @PavelKCZ said: I would like to know if there is someone who actually DID NOT used one small utility at the end of all things. Had a great time with it. Root part with the help off a Windows VM. Root: enumerate! Keep in mind is a realistic scenario and there are many articles about it, if you find something which is not usually installed google it! This box is not hard, but I’ve really enjoyed it! Thanks @L4mpje ! PM if you need some hints! May 1, 2019 · Hi, i’m a noob in hacking and I need some help, had been trying to get user and root for the past 2 days but unable to get anything. About the machine: I tried to May 31, 2019 · ROOTED! Got both user and root in Linux User: brasilian dance! mount and guestmount will let you navigate important Windows files with nautilus. I don’t believe Windows is needed for root at all - it could make things easier with user and the S** service as it’s native, but googling for “kali mounting (file type) over (protocol)” works very well. That’s the hint for the user. *ml file. is windows VM really that necessary? I tried on Linux for a long, long time. The key to solving this is lots of manual enumeration; during both the reconnaissance phase and privilege escalation phase. I have Google a lot and tried various methods, no luck. May 18, 2019 · Nice box. Jun 25, 2019 · Got user and root, thank you for the nudge @nobrainer and thanks for the awesome and practical challenege @L4mpje . He has become unavailable. Aug 29, 2019 · Thanks @L4mpje for a great first box and thanks for all of the hints on this forum! Definitely had a few /facepalm moments but an invaluable experience for my first foray into windows enumeration. Thanks to @L4mpje If anyone needs help feel free to ping me. Kali all the way. Thanks @L4mpje for the work <3 User part is easy to do from a Linux box. As for root, check the programs installed and then Google it. I’ve checked the installed programs as per the hints here, but I can’t seem to figure out what to use. vhd? Aug 29, 2019 · Thanks @L4mpje for a great first box and thanks for all of the hints on this forum! Definitely had a few /facepalm moments but an invaluable experience for my first foray into windows enumeration. vhd, as my command returns: “Device or resource busy”… any hints? May 1, 2019 · Starting the conversation… 20 point box… thank god :smiley: Aug 3, 2019 · finally got the user going on root. Any hint where I can find that “file”? someone already called this file USA uncle… Don’t you know the USA uncle? then google his location , if I remember VHD wasn’t only one, if you Jul 5, 2019 · Rooted! Really fun box, I’m working on bettering my understanding of Windows machines and this was really informative. Thank you to @L4mpje for this very real-life box! Also learned a few things about how to look into . You just need to find the right tool(s) to use at each point. I can only mount the large vhd but not the small one. 134, I added it to /etc/hosts as bastion. PP Sep 2, 2019 · Can anyone give me a hint about user about pass lenght, I’m cracking the password and already at 12 letters. htb. No need for a vm or to download the big files. I’ve found a few tools that are supposed to work but sadly i cannot get any of them to work correctly. Jun 5, 2019 · Type your comment> @p3tj3v said: Nice box. v*d. Wondering indeed if that would be possible using Linux show post in topic Topic Replies Views Activity CrimeStoppers Machines crimestoppers 53 7629 February 15, 2019 Kryptos Machines 109 13161 September 20, 2019 Remote Machines 1025 136311 March 27, 2021 LaCasaDePapel Machines 696 109525 Apr 30, 2019 · Re Windows VM versus Linux / which Windows version etc: In cases like this, I use socat to forward only the relevant port(s) from Kali to a Windows box. Everyone said this box was easy but I thought it was about medium. No need for windows VMs or May 10, 2019 · Starting the conversation… 20 point box… thank god :smiley: May 15, 2019 · Type your comment> @loln00b said: Rooted the machine. Aug 6, 2019 · So this is my first ever Hack attempt, so far i got the . Google and Stackoverflow are your friends here. I’ve only rooted the box one way. txt with creds. Apr 28, 2019 · Bastion was a relatively simple machine with the biggest issue steming from maintaining a connection to a remote mounted drive. Apr 27, 2019 · Stuck now ive got access to the vhd files, a nudge in the right direction would be appreciated! May 12, 2019 · Starting the conversation… 20 point box… thank god :smiley: Apr 29, 2019 · Think I got a user password, but I am stuck there. Chrix87 June 1, 2019, 4:26pm 367 May 19, 2019 · scrap that, got the hash worked out Jul 15, 2019 · I need help with enumeration, my first windows box after 3 linuxes, please DM Jul 15, 2019 · I have problems with this ****decrypt. But I used official installer of big utility) May 4, 2019 · Stuck in mounting the vhd on linux Is there anybody who can tell me? May 28, 2019 · With this box I recommend actually learning what is happening instead of just rushing through it to get it done. User was harder than root imo Quite simple and easy, box, I just SUCK at Windows 🙂 May 14, 2019 · still, i tried decrypting aes 128 bit cbc with python. Pm for help Jun 23, 2019 · Rooted w/o using Windows. Jun 5, 2019 · Rooted! Nice box. Greetings May 6, 2019 · Type your comment> @1c4re1337 said: my advice 🙂 don’t really need to M*** V** just open it with 7** for example 🙂 for user 🙂 don’t search into B*** searh how to lo**on Root google is your best friend For root are we supposed to actualy decrypt the pw? My Windows box with a newer version of the program doesn’t recognize the pw? Jun 11, 2019 · Really am dying on root for this one… any hints welcome… I think ive done all my brain could conjure up as far as priv esc… just need a nudge… thanks. However, you could do that. Fun box, not sure any need for a WIndows machine on this - managed to do it all from Kali easily. when you get what you need use the low port.