Giddy

1234579

Comments

  • @starcraftfreak said:
    I am stuck. I'm still not able to stop or start or even list any services. This is required to run my exploit. Can anyone help?

    well...Thanks to some help, I realized I did not need to run a powershell cmdlet to list the services. The service name I needed is found in some files on the machine. Box rooted. :)

  • So I'm stuck on the last piece, I can start/stop service but none of my payloads will run. Anybody able to nudge?

  • @voncount said:
    So I'm stuck on the last piece, I can start/stop service but none of my payloads will run. Anybody able to nudge?

    I'll send you a PM.

  • Thanks @clmtn, I'd give you another respect if I could :)

  • Hey friends stuck on finding identification info
    So far I found the path rxxxtx and the m **
    In addition I also found the S*** but stuck in finding identification information

    plz pm me

  • edited January 2019

    Got User. Thanks @clmtn and @Impulse for help.

    Got root. PM me for hint. Thanks again @clmtn and @Impulse for hints. This is my 4-5 windows machines. Not able to proceed faster. Thanks for your hints.

    sesha569

  • Fun box. First one I've done that didn't feel like another CTF.

  • edited January 2019

    stuck... found the right service, found the right file, uploaded my file, did something to make it work...
    output says it worked, but it actually did not. may i get some help with fine-tuning the attack?

    EDIT: systemed. be patient - it takes a while to spawn a shell.

  • I'm not sure what was said in this thread, but make sure to Google for the service name when doing the PrivEsc!!
    I wasted so much time trying to figure out the service name and I found it immediately after google'ing some keywords. The vulnerability is known and can be found in Kali and online.

  • Finally got root! After two days banging my head... Just wanna to thank the creator because this is a very good box!

  • Nice box and great to see a system designed to demonstrate credential elicitation techniques detailed in https://www.us-cert.gov/ncas/alerts/TA17-293A but using different services / protocols.

    Testacl

  • Anyone here to help me?
    I have the login credentials for the "service".Few hours ago i was able to login utilizing those credentials,But the same same credentials now gives the error "The Windows PowerShell Web Access gateway cannot establish a connection to the destination computer. Contact the gateway administrator." even after the box resets.
    IS it intended of somethingis wrong from my side?

  • @saketsourav said:
    Anyone here to help me?
    I have the login credentials for the "service".Few hours ago i was able to login utilizing those credentials,But the same same credentials now gives the error "The Windows PowerShell Web Access gateway cannot establish a connection to the destination computer. Contact the gateway administrator." even after the box resets.
    IS it intended of somethingis wrong from my side?

    Edit:Finally got it.Username was mistaken from my side.

  • edited January 2019

    Rooted. I can't emphasize enough my disdain for PowerShell. The syntax is ugly, verbose and a pain to type. Kudos to the @lkys37en :+1: for the opportunity to get out of my comfort zone.

    limbernie
    Write-ups | Discord - limbernie#0386

  • edited January 2019

    Rooted at last! Thahx @sesha569 for hint!
    @kekra , @snowman418 -- msfvenom payloads work, but just need to choose right ones.
    Waste much time and couple of resets 'cause of wrong bits count :)

  • Please help with getting sqli to work. I can't make xp_t... to work. PM please

    Hack The Box

  • maybe you guys know of a good video/tutorial on how to use sqli on a machine like this. thanks

    Hack The Box

  • Im trying manual sqli for training, but I fail, could someone help me in pm ?

    peek

  • edited January 2019

    Anyone can PM me please for rooting questions ? I know what to exploit and how but no payload works, not even a c# .exe compiled on the system itself by csc does get executed - it seems i miss something.

    Update: Got it myself - nice box - simple .c code helped...

    image

  • Finally completed this machine got a learn a lot of new things from it.
    If anyone need help feel free to pm :)
  • Thanks @sesha569 for the help with sqli

    Hack The Box

  • OK. I got pass for S...y and try to login, but I can't

    Hack The Box

  • To login with S...y give respect to her.
    But even in this case you may wait your turn.
    That is normal, she is very popular.

    tabacci

  • guys, how did you upload the file in PSWA?

    Hack The Box

  • I was able to upload a file but all my attempts to run it are blocked. Though maybe there are ways to run it, or maybe i do not even have to do that here. if anybody is willing to help with privesc that would be nice , please PM. thank you

    Hack The Box

  • @limbernie said:
    Rooted. I can't emphasize enough my disdain for PowerShell. The syntax is ugly, verbose and a pain to type. Kudos to the @lkys37en :+1: for the opportunity to get out of my comfort zone.

    I agree

    peek

  • I was able to upload a file but all my attempts to run it are blocked. If anybody can help me with this?

  • really stuck on this privesc. Need hints, guidance in the right direction. I tried all this different tools like P...-E... and V..L I get the idea but I either can't execute or reverse shell is not initiating.

    Hack The Box

  • just a question, how do we restart ****** service if we fail, i dont want to reset the box each time, thanks

    peek

  • I can't for the life of me get the SQLI to work for me. Can someone PM with a point in the right direction?

Sign In to comment.