HTB Ghost
by not_a_30t - Saturday July 13, 2024 at 12:23 PM
Banned

Posts: 36
Threads: 3
Joined: Sep 2023
Reputation: 0

#1
07-13-2024, 12:23 PM
https://app.hackthebox.com/machines/616
All the Best for pwning HTB Ghost an Insane Machine
Reply
RaidForums
Member
Posts: 5
Threads: 0
Joined: Jun 2024
Reputation: 0

#2
07-13-2024, 07:29 PM
subdomain found: https://federation.ghost.htb/
Reply
Advanced User

Posts: 89
Threads: 2
Joined: Feb 2024
Reputation: 0

#3
07-13-2024, 07:56 PM
There is a Ghost CMS on port 8008 (http://ghost.htb:8008/)
Reply
RaidForums
Member
Posts: 4
Threads: 0
Joined: Aug 2023
Reputation: 0

#4
07-13-2024, 11:18 PM
(07-13-2024, 07:29 PM)chewablechunk01 Wrote: subdomain found: https://federation.ghost.htb/

I think it's a False positive

Login form at http://intranet.ghost.htb:8008/login
Reply
RaidForums
Member
Posts: 26
Threads: 6
Joined: Dec 2023
Reputation: 10

#5
07-14-2024, 02:22 PM (This post was last modified: 07-14-2024, 02:28 PM by BahsbFAISfjhb.)
https://intranet.ghost.htb:8443/login which has a link to https://intranet.ghost.htb:8443/api/login which is an ADFS login page
(07-14-2024, 02:22 PM)BahsbFAISfjhb Wrote: https://intranet.ghost.htb:8443/login which has a link to https://intranet.ghost.htb:8443/api/login

Also has a TM for © 2018 Microsoft, might be something vulnerable here, can't find any relevant CVEs though
Reply
RaidForums
Member
Posts: 6
Threads: 0
Joined: May 2024
Reputation: 0

#6
07-17-2024, 04:52 AM
Guys anyone solved the challenge or progressed any bit???
Reply
RaidForums
Member
Posts: 9
Threads: 0
Joined: Apr 2024
Reputation: 0

#7
07-17-2024, 08:24 AM
(07-17-2024, 04:52 AM)Pie17 Wrote: Guys anyone solved the challenge or progressed any bit???

There are two other thread

Discussion: https://breachforums.sb/Thread-Ghost-Insane

Easy(solution) sounds like with evil-winrm connection commands https://breachforums.sb/Thread-Ghost-Ins...y-solution
Reply
Banned

Posts: 37
Threads: 0
Joined: Jan 2024
Reputation: 0

#8
07-23-2024, 08:49 AM
is there a way for bruteforcing the ldap password without using that script?
Ban reason: Leeching | http://breachddyfwvcp4kzccos5oxtdbssmfbp...an-Appeals if you feel this is incorrect. (Permanent)
Reply
RaidForums
Member
Posts: 1
Threads: 0
Joined: Jul 2024
Reputation: 0

#9
07-28-2024, 10:31 AM
(07-13-2024, 11:18 PM)timizart Wrote:
(07-13-2024, 07:29 PM)chewablechunk01 Wrote: subdomain found: https://federation.ghost.htb/

I think it's a False positive

Login form at http://intranet.ghost.htb:8008/login
 which tool help's you to find this sub-domain
Reply
RaidForums
Member
Posts: 48
Threads: 1
Joined: Sep 2023
Reputation: 0

#10
08-06-2024, 12:16 PM
anyone knows the hash admin can he drop it
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  [FREE] 300+ Writeups PDF HackTheBox/HTB premium retired Tamarisk 360 88,710 03-28-2026, 09:28 AM
Last Post: catsweet
  [FREE] HTB-ProLabs APTLABS Just Flags kewlsunny 23 2,348 03-28-2026, 03:30 AM
Last Post: lulaladrow
  [MEGALEAK] HackTheBox ProLabs, Fortress, Endgame - Alchemy, 250 Flags, leak htb-bot htb-bot 87 7,490 03-27-2026, 07:22 PM
Last Post: stn
  HTB Eloquia User and Root Flags - Insane Box 69646B 13 350 03-27-2026, 06:14 PM
Last Post: vlxw
  HTB - ALL Challenges you Stuck in osamy7593 2 646 03-27-2026, 04:24 PM
Last Post: catsweet



 Users browsing this thread: 1 Guest(s)