Hey, I have question considering the Active box's root. I have obtained the administrator hash with the impact tool. Now I am using Hashcat to decrypt it but I dont seem to get any relevant output from it. Command that I am using is just: hashcat -m 13100 hash.txt -w 3 -a 3. What am I doing wrong?
i have some problems with the yPuffy machine. My nmap brute force never get a success. Did you use another technique?
Are there any problems on your machine because my nmap ldap brute force get no success.
Hey man I need a hint for initial access on tartar I have found the 2 api's I have not logged into Wordpress but have into monstra can't do anything in monstra so im stuck....
Been at this for 2 weeks maybe just a tunnel vision thing. I notice Wordpress redirects me on every link so I used burp to get around these redirects. However, still have not logged in correctly
Hey man I need some help on this dang tartar box lol I found both API's did some enumeration on Wordpress and also tried a couple of basic things on the monstra api (file upload,add user, add plugin). For Wordpress I still don't have access. It seems as if Wordpress is a rabbit home. I see It adds my IP address to the url address and redirects me accordingly. I used burp to get around this however still don't have access to the admin page of that API.
I have already enumerated what I think is everything for about 2 weeks lol
Hey man did you figure out initial access for tartar I found both API's but not sure what to do from here? Wordpress scan shows some interesting things but not sure how to use any of them.
Did you get Dev0ops root yet? Happy to provide a hint, let me know where you're stuck.
Looking for a little help on Active. I'm not sure if I'm trying to do the wrong thing or if my tools are just misconfigured, which seems like a common problem for this machine.
Where I'm at: I have user, have authenticated SVC_TGS smb access to 5 share drives (just not ADMIN$ and C$), have several tools that haven't helped very much, and have the ServicePrincipalName for active/CIFS:445. I've read a lot of articles, most of which seem to be powershell-based. Am I just using my tools wrong, or are they misconfigured, or am I just way off the mark?
Hi ! I just need help with giddy ! I already have a user stacy but not a password.
Hey man how's it going I am working on the Waldo box managed to get LF, then user then escape the shell and finally working for what seems root but can't managed to get a foothold and it seems that I do not understand the capabilities misconfiguration that seems to get me flag am I searching for a shell or just Read?
Hi, I have seen on forum that you solved the bitsnbytes challenge. Could you give me some hints? I compared it with magick but cannot read out anything from the pic.
man can you give me a hint to enumerate this box its been a nightmare
can you give me a hint on canape please. i have the u*****e working recreated in my environment and had the hash file path working however keep getting 500 errors??
Hi, I have seen that you rooted waldo, can you help me? I managed to escape the jail, I see the restrict script and the logmonitor app, but have no clue where to go. Thanks!
Hello, can you help me with a nudge about dab's user??? i have tried modifiyng the jwt token adding password field, useng the "none" algorythm, but still cant log into the 8080's. am i missing something else that helps me out to encode a good JTWT token???