SecNotes

189101113

Comments

  • edited January 2019

    Hey guys,

    I am able to launch "b***.exe" and I also ran enumeration on that ****x side, but still not seeing the way to get elevated Admin access on the W****** side. If you guys can give me a little hint it will be appreciated.

    Thanks,

    PP

    EDITED: There is a very good hint on previous posts! I got "root" and learned that all files needs to be carefully reviewed, even those that you think "nah, that file has nothing!"

    pp123

  • edited January 2019

    Would really appreciate a PM to discuss what I am doing wrong here.

    I have created a VM on my side and installed the same "things" on the VM to mimic secnotes. I can get the reverse shell I want from my VM, but I cannot do the same with secnotes. Is my shell just not stable enough to run either of the EXE's I am trying to run?

    The four-letter EXE with no args runs fine on my VM, but kills my reverse shell when trying on secnotes. The six-letter EXE with the "run" flag does the same. No matter what I try, I cannot keep my shell alive.

    EDIT: It was the reverse shell I was using. I had the "official" version from their site, but I grabbed a different version from GitHub, and it is now stable enough to run the four-letter EXE without crashing.

    n00b

  • @MakoWish said:
    Would really appreciate a PM to discuss what I am doing wrong here.

    I have created a VM on my side and installed the same "things" on the VM to mimic secnotes. I can get the reverse shell I want from my VM, but I cannot do the same with secnotes. Is my shell just not stable enough to run either of the EXE's I am trying to run?

    The four-letter EXE with no args runs fine on my VM, but kills my reverse shell when trying on secnotes. The six-letter EXE with the "run" flag does the same. No matter what I try, I cannot keep my shell alive.

    Seconded. I can get the four-letter exe running with no args but am not seeing how I can get Admin from that. Will keep poking if people would stop resetting the box XD

  • Just rooted! It wasn't what I expected for privesc but I guess I'll know better for future machines. For those needing that last nudge on privesc (assuming you're already onto a certain feature in this box) think of what's unique to this feature.
    Feel free to PM

  • i am stuck at login itself ... if i try to inject at login page i get 500 internal server error ..i dono how to do ..any hints would be great

  • Hey guys - would like a little bit of help please - managed to login to a particular service using some creds - cant seem to get any further!

    Please PM with any hints!

    CarterJ

  • @CarterJ said:
    Hey guys - would like a little bit of help please - managed to login to a particular service using some creds - cant seem to get any further!

    Please PM with any hints!

    can u provide some hints

  • edited January 2019

    r00ted - Thanks to those who gave me some hints!

    CarterJ

  • jajaj lol someone can give me any hint with the s**i ?? i'm crashing the server with my commands !

  • @EthicalHCOP said:
    jajaj lol someone can give me any hint with the s**i ?? i'm crashing the server with my commands !

    Don't over do it.... most s**i cheatsheet docs will start with something simple and work up in complexity... I wracked my brain on this for several days and then it finally clicked when I simplified my approach and went back to basics.

    -Keep Learning
  • edited January 2019

    Beautimus! Finally got root! I spent almost a week and a half on this one.

    Thank you to @dplastico for the link that taught me exactly what I needed to learn. That was the exact "nudge" I needed. Bookmarking that one, for sure!

    n00b

  • Somebody help me i need help in secnotes please PM me guys

  • i'm still stucked in the login ! just got errors and more errors !

  • edited January 2019

    hmm

    OSCP

  • Nice challenge. PM me if you need a nudge!

  • One of my favorite machines so far! Pm for hints ;)

    Hack The Box
    -OSCP-

  • finally did this one.. pm me if you need help with root or user

    Hack The Box

  • Anyone able to hint on root would be fabulous. I think I see what to do, but can't past either errors in my very simple shell or "Windows s******** f** l**** has no installed....". I've even tried to install but still no luck, really lost on this!

  • And rooted. Hint for anyone who gets stuck where I was. Just opt to find where that file is.

  • edited January 2019

    I can get a windows reverse shell and can also get a b.exe shell but it it unprivilages. Trying to look for vulns for the b.exe but stuck on the priv esc. If anyone is willing to help please PM me. Any help would be appreciated.

    EDIT: ROOTED! Wow the privesc was interesting to say the least. Had fun. Great Box. Solved my first box, really happy :D

    Hack The Box

  • yyeeeeii !

    finally root , interesant way to get root ! thank you.

    type me for hints

  • edited January 2019

    Just started this machine 15 mins ago, and I must say: I LOVED the first few steps of this machine! However I'm kind of stuck. I've managed to login to smb(edit this if it is considered a spoiler). I don't know what to do next. Please PM :)

    edit:
    A lot easier than I made it to be, now on to root!

    WillIWas

  • edited January 2019

    i am stuck hard on root flag all day now...i have a shell inside b*** but seems im not as root as i thought i was. anyone care to PM me a hint? i have read all in this thread(which makes me think i should have found it ages ago lol). im sure it's something i overlooked.

    Update:

    so...box was just reset...logged back in...get my shells...read a file that i swear i read before.
    Got root!

  • edited January 2019

    I currently have a reverse shell back to my linux machine. As others have mentioned, it drops when an error occurs or I try running the obvious executables. How can I get an interactive stable shell back to my machine ? I looked online and all I found were non interactive to ineractive shells for linux based victim's. Any suggestions or nudges would help. Thanks!

    EDIT:

    I was using a different version of n****t.exe and that was effing things up. Thanks for the box.

  • (11) completed in 1 and 1/2 day with some direction
    learned about linux subsystem vulnerability inside windows.

    ASHacker

  • Very good box! I have learned a lot and thank you all for good advices! the tip:

    1. Do not overthink the solution. Try easiest options first.
    2. For point 1, when you find the thing check how you can expand it, how it works.
    3. Connect to the box and enumerate it. Once again the solution is straight forward. Once you will get it try to find how you can get more perm.

    If anyone will need hints I'm happy to assist.

  • I stuck at the initial foothold. It was a long and intense struggle, but I learned a lot and finally I was able to find my way. This box was an amazing ride. Thank you 0xdf

  • Getting the initial foothold was the most confusing thing about this box, the user shell was comparatively easy. Tbh, I have no clue why so many people in the thread complained about unstable shells. Getting root read access was easy enough but I wanted a root shell. I even talked to a coworker because my usual tricks didn't work out. Now it works and I'm happy ;)

    Arguing with strangers over the internet since 1848

  • Rooted. If anybody can PM me to talk about the privesc, I think I got root in a slightly different way

  • Stuck at... well.. the beginning :-). Anyone who could gimme a tip or something how to obtain user?

    chojinl

Sign In to comment.