Hack the box bastion forum. So this is my first ever Hack attempt, so far i got the .

Hack the box bastion forum. Fun box, not sure any need for a WIndows Thanks @L4mpje for a great first box and thanks for all of the hints on this forum! Definitely had a few /facepalm moments but an invaluable experience for my first foray into Hints for this box: User - Enumerate, no need to transfer, well known tool for mount ing guests, get files pertinent to windows general security, extract what you need from it Root - Is all this vhd talk necessary for root or user? I found user password but don’t know what to do with it. v** mounted, got the NT*M hashes but where do i go from there? Ive been stuck on this since 2 days ago! Maybe Quite a fun box - hit a few hurdles because I didnt have libguestfs-tools and cifs-utils installed but with them, it was nice and straightforward. Starting the conversation 20 point box thank god 😃 Today we are working on Bastion, a retired Windows box from HackTheBox. tried I have problems with this ****decrypt. I got the encrypted password, or the Co*****s. Thank you to @L4mpje for this very real-life box! Also learned a few things about how to look into . The box is about weak authentication, and cracking a Today we are going to solve another CTF challenge called “Bastion” which is categorized as a retired lab developed by Hack the Box for the purpose of online penetration practices. I think that the machine is more like a medium one. Learned about smb enumeration. i’ve nmapped and tried to google about vulnerabilities of ws2016 but with no luck or any idea. Allright i am sorry but i am stuck with the VHD files , don’t know what to do with them, yes i have got them but i don’t know how to extract any useful thing from them,any Can someone help me with root. eu rated Easy. vhd files! John works fine (Tested) u probably Got a root Bastion was 3rd machine I owned both user and root but it was the easiest onedefinitely. I rarely checked this thread or tried to get help while pwning this machine. Let’s get started. I am really just starting in CTFs and it was a good box. xml. Kali all the way. py script. If you are still not sure, PM me show post in topic Topic Replies Views Activity Finally got root with assistance of Damedrewby and Last0x00 Very nice learning experience. Hack the Box is an online platform where you practice your penetration testing skills. Thanks. txt, now on to root show post in topic Topic Replies Views Find my comment on Page 6 of this forum It tells you exactly what needs to be done. Thanks @L4mpje ! show post in topic Topic Replies Views Activity CrimeStoppers Machines crimestoppers 53 Very Good Machine, Today I learned a lot about so many things. No need!! Got the user. So, I found a ruby script, and a python script for decrypting None works, outputs nothing. Any tips or hints toward guys my command get on top of the vhd horse is erroring out, Anyone to help? Starting the conversation 20 point box thank god 😃 Hashcat worked fine, though. Could use some help with this. After logging in, the software MRemoteNG is found to be Contents Hack The Box - Bastion Quick Summary Hey guys today Bastion retired and here’s my write-up about it. Any good resources for it? Or is Google the way to go? Reply rizemon • Additional comment actions Introduction Bastion is an easy Windows machine rated 4. 6. It was a nice easy box, unlike most of the other boxes this one had no web service running and unlike most Awesome, I want to get into hacking the boxes too. txt contents from desktop. Is there anyone else who has the same problem? Thanks @L4mpje, this was a nice box, certainly felt like a real world scenario. I’ve mounted the v** files and have looked in all the usual places for creds, but so far haven’t found Even though this is a “easy” machine, but it’s my first. Stuck on some probably really silly point for the user, found the thing suppose to find and used the one of two tools already Can someone PM me? I’m officially stuck and am not sure on how to proceed. Thanks to @L4mpje If anyone needs help feel free to ping me. This is a writeup on how i solved Bastion from HacktheBox. thanks to @r0mka on the tip finally i am in with good syntax !!! Got user and root, thank you for the nudge @nobrainer and thanks for the awesome and practical challenege @L4mpje . So this is my first ever Hack attempt, so far i got the . Just to add it can be done with kali only, you don’t need a windows host to help. I t can’t install cryptodome module and Icouldn’t solve it. 🙂. Bastion is an Easy level WIndows box which contains a VHD ( Virtual Hard Disk ) image from which credentials can be extracted. You just need to @raven37 - you need to access another service with the decrypted password for the user then get user. And vhd files and the password hash cracking for the special application ;D Could someone PM me with tips on what they used for JtR flags? I seem to be having trouble with that or any hints on which wordlist worked well for you. PM if you need a nudge. As I always do, I try to explain how I understood the concepts here from the Type your comment> @1c4re1337 said: my advice don’t really need to M*** V** just open it with 7** for example for user don’t search into B*** searh how to lo**on Root google is Just rooted, anyone up for a discussion on their approach. Edit: Figured it out, fun box a lot of stupid mistakes on my part. Initial Enumeration Our nmap scans reveal a number of Windows-related ports open, but minimal detail. Would like to know more from people who have rooted only by linux and if someone went from root to user instead I could use some hints if someone can pm me. hbbz odzb ybsmjiv nsx ipb ubys dger wfzi szjmdk mcrhn