"Slightly" stuck here.. Got the 2.5 creds, worked on them and got the output I wanted to. However, I really can not see a place where I could fo further those. Any hints appreciated...
@ssumkin said:
"Slightly" stuck here.. Got the 2.5 creds, worked on them and got the output I wanted to. However, I really can not see a place where I could fo further those. Any hints appreciated...
Try to find a service that will allow you to connect.
@ssumkin said:
"Slightly" stuck here.. Got the 2.5 creds, worked on them and got the output I wanted to. However, I really can not see a place where I could fo further those. Any hints appreciated...
Try to find a service that will allow you to connect.
@ssumkin said:
"Slightly" stuck here.. Got the 2.5 creds, worked on them and got the output I wanted to. However, I really can not see a place where I could fo further those. Any hints appreciated...
Try to find a service that will allow you to connect.
with msf or no need cuz it will throw error
What mistake do you make? You just need to know what passwords can match and what kind of service.
Type your comment> @Seepckoa said:
> Type your comment> @sazouki said:
>
> Type your comment> @Seepckoa said:
>
> @ssumkin said:
> "Slightly" stuck here.. Got the 2.5 creds, worked on them and got the output I wanted to. However, I really can not see a place where I could fo further those. Any hints appreciated...
>
>
>
>
>
> Try to find a service that will allow you to connect.
>
>
>
>
>
> with msf or no need cuz it will throw error
>
>
>
>
>
> What mistake do you make? You just need to know what passwords can match and what kind of service.
what i did is tried the usernames and their cracked pw, maybe i was wrong
Type your comment> @Seepckoa said:
> Type your comment> @sazouki said:
>
> Type your comment> @Seepckoa said:
>
> @ssumkin said:
> "Slightly" stuck here.. Got the 2.5 creds, worked on them and got the output I wanted to. However, I really can not see a place where I could fo further those. Any hints appreciated...
>
>
>
>
>
> Try to find a service that will allow you to connect.
>
>
>
>
>
> with msf or no need cuz it will throw error
>
>
>
>
>
> What mistake do you make? You just need to know what passwords can match and what kind of service.
what i did is tried the usernames and their cracked pw, maybe i was wrong
Maybe the passwords and usernames do not match, and find the right user.
@seepckoa I managed to get ha***** creds to fit somewhere. However, the high 5*** ports is not accepting any of the combinations I am throwing at it...
I'm having issues and can't figure out what to do next. I have 3 creds and have figure out you have to use W**** in rb but auth error with the creds. Any help would be appreciated through message.
@Sameasname im right there with you at the minute, i can authenticate using the credz to a lower service but not to win** using the ruby library, also tried it using the python module
The user part is not very complicated, you just have to find a way to match the passwords to a specific user that you have to search for yourself. The root is also easy, the file to**.txt will be a clue for you, to go further.
Comments
"Slightly" stuck here.. Got the 2.5 creds, worked on them and got the output I wanted to. However, I really can not see a place where I could fo further those. Any hints appreciated...
I could use some hints please
i got the creds and craked them and then tried to exploit win** via metasploit but always it throw Login failure! Recheck supplied credentials
any hint please
OSCP | I'm not a rapper
sazouki, its broken in msf (afaik)
-All hail the Potato-
Spoiler Removed
OSCP | I'm not a rapper
@Ketil any recommendations on tool/script to run commands over win**?
there is a ruby library which is working well
-All hail the Potato-
Try to find a service that will allow you to connect.
Type your comment> @Seepckoa said:
with msf or no need cuz it will throw error
OSCP | I'm not a rapper
Type your comment> @sazouki said:
What mistake do you make? You just need to know what passwords can match and what kind of service.
> Type your comment> @sazouki said:
>
> Type your comment> @Seepckoa said:
>
> @ssumkin said:
> "Slightly" stuck here.. Got the 2.5 creds, worked on them and got the output I wanted to. However, I really can not see a place where I could fo further those. Any hints appreciated...
>
>
>
>
>
> Try to find a service that will allow you to connect.
>
>
>
>
>
> with msf or no need cuz it will throw error
>
>
>
>
>
> What mistake do you make? You just need to know what passwords can match and what kind of service.
what i did is tried the usernames and their cracked pw, maybe i was wrong
OSCP | I'm not a rapper
Type your comment> @sazouki said:
Maybe the passwords and usernames do not match, and find the right user.
@seepckoa I managed to get ha***** creds to fit somewhere. However, the high 5*** ports is not accepting any of the combinations I am throwing at it...
How is the credential working on one port and not the other. If you have an idea of what I may be doing wrong kindly pm me.
OSCP | I'm not a rapper
@MinatoTW thanks for the adventure! sunday in bed with a new machine + jetlag, great combi
*bedtime now, i will help out tomorrow morning (6 hours from posting this) if anyone needs help.
-All hail the Potato-
good, solid fun box! thanks @MinatoTW
I'm having issues and can't figure out what to do next. I have 3 creds and have figure out you have to use W**** in rb but auth error with the creds. Any help would be appreciated through message.
@badman89 and @sameasname you have to find the user for the pass you got from attachment. there is an impacket script that will help with that..
@gexus makes sense relooking at the .txt. thanks
Thanks guys! Glad you had fun.
Don't let the box pwn you!!
Hi, I saw some people asking for a tool to connect to W***m. Ok I can recommend this tool on which I'm collaborating.
Easy to install via git clone or via gem install (this is even easier). All needed is in the documenation at readme file: https://github.com/Hackplayers/evil-winrm
Hope it helps!
Need some help, is it required to get the plaintext password to move forward. None are working on the higher password.
Spoiler Removed
OSCP | I'm not a rapper
Type your comment> @Ev1ld3v3l0p3r said:
Yes you have to find a way to see the password in clear to go further.
Type your comment> @Seepckoa said:
what about the correct user ? none of them works with that ruby exploit
OSCP | I'm not a rapper
The user part is not very complicated, you just have to find a way to match the passwords to a specific user that you have to search for yourself. The root is also easy, the file to**.txt will be a clue for you, to go further.