Forest

1121315171839

Comments

  • Working on root. Using n********x.py and p***********e.py. I know the commands are right but get an error after putting in the password with p**********e.py. Someone msg me please.

  • No idea what I've been doing so far but I've managed to get root XD.

    halisha

    --- I reply faster on Telegram @halishasec and [Discord Tavi #6865]
    --- Please specify the machine you're working at when messaging

  • i hate this box
    got new user, rights, created a ticket but i cant use the ticket.
    if someone can give me a nudge...

    windows 7 is my rig :) if it can't be done on windows, i fail.

  • C:\Users\Administrator\Desktop>whoami
    nt authority\system

    Finally Rooted :)
    Great box,well it should be rated medium and its not an easy machine :(
    learned a lot though

  • can some on please tell me why i can't upload to the Documents folder
    i get the ok from python server but no file after.
    please pm me..

    madhack
    If you need help with something, PM me how far you've got already, what you've tried etc.
    Discord: MadHack#6530

  • Hi, Can someone please help me, I am a beginner for my OSCP journey.

    Basically, i did S** enumeration and got usernames and domain.
    I want to know what tool under Impacket can help to get hashes, i have tried G**N*****s.py but i am unable to succeed. Thanks in advance.

  • I got the password for s**-*******o from brute forcing, some tips on how to do it "correctly" would be nice, also I'm having trouble with Sh***H****

  • Been stuck at root for a while, and would really appreciate a nudge! I've made it no where since getting user. I think I understand the application that people keep referencing, the Dog. However no matter what I try and feed it, I don't get any output back. Really would appreciate a pm if you know what's causing this issue.

    Thanks!

  • Type your comment> @M1sha said:

    However no matter what I try and feed it, I don't get any output back.

    Thanks!

    It is important that you use all relevant credential data (3) when you run the Invoke command.

    bumika

  • Hello boys
    could anyone help me, please??
    i use nul*x and im****t, with G********s.py i get s-*******o and his password.
    I have problem with G**U*****s.py because i have this errors:
    "No entries found!" Or "[-] Kerberos SessionError: KRB_AP_ERR_SKEW(Clock skew too great)"
    I have change my time, but nothing =(
    Thank you for your help

  • I have no idea where everyone is getting a password hash from, can't find anything at all, already using the tool everyone is mentioning, can't get any of the scripts to work.

  • Type your comment> @cipster86 said:

    Hello boys
    could anyone help me, please??
    i use nul*x and im****t, with G********s.py i get s-*******o and his password.
    I have problem with G**U*****s.py because i have this errors:
    "No entries found!" Or "[-] Kerberos SessionError: KRB_AP_ERR_SKEW(Clock skew too great)"
    I have change my time, but nothing =(
    Thank you for your help

    Had this too: Change the time -1 minute behind the server time.

  • finally, cost me over a month, 1 laptop, a desk, my relation but totaly worth it.

    USER INFORMATION

    User Name SID
    ================= ============================================
    htb\administrator S-1-5-21-3072663084-364016917-1341370565-500
    E***-****M PS C:\Users\Administrator\desktop>

    this is also a hint, last step can be done without impact.
    just lookat wat you used for the user shell

    windows 7 is my rig :) if it can't be done on windows, i fail.

  • Need a help on a root.
    Got the Hound to work, it showed me probably the path i need, but to do some escalations, it looks like i have to upload files on a system, but i cant do this.

    Any hint would be very nice!

  • edited November 2019

    Hi this is my first windows machine and I have some difficulties for the user. I have found the users and the password for one of them , I have trying to connect to the different ports on 3** and 3**8 I can connect (but not found nothing) while on 6*6 and 3**9 I cannot connect for a TLS error. The TLS error is wrong path? I missing something?

    EDIT: Working on root

    Hack The Box

  • edited November 2019

    Can anyone PM some tips/hints for where to find the hash for one of the users? can't get anywhere with it.

    EDIT: Got the hash and cracked it, working on finding a place to use it now.

  • Has anyone been able to get the P****V*** script to work? I can't seem to get the modules to load. I can get P****S**** to load but it does not include all of the functionality that I need. I've been stuck at this point for two days so any help would be highly appreciated.

    k1llswitch
    "The master has failed more times then the beginner has even tried"

  • On root part.

    How to create a new user for the domain? Which command?

  • Type your comment> @JuicyyCandy said:

    I have no idea where everyone is getting a password hash from, can't find anything at all, already using the tool everyone is mentioning, can't get any of the scripts to work.

    same

    peek

  • Type your comment> @Looking4 said:

    On root part.

    How to create a new user for the domain? Which command?

    google search how to create windows users by command line :)
    Hint; net .......

    Always happy to help others. 100% human

    https://www.mindfueldaily.com/livewell/thank-you/

  • Type your comment> @hubi277 said:

    Im trying to use multiple scripts from tool mentioned here a lot of times but all i get is
    KDC_ERR_WRONG_REALM
    can someone dm me with some tip becouse im trying for a long time now and can't do nothing

    I fix it by editing the hosts file. Point the IP to htb.local .

  • edited November 2019

    I have the user and hash. Can someone help me on how to convert the hash to a valid pass?
    EDITED: Managed to crack the hash now. :)

  • @JuicyyCandy said:
    I have no idea where everyone is getting a password hash from, can't find anything at all, already using the tool everyone is mentioning, can't get any of the scripts to work.

    1. For the user list, you can use e***4****x .
    2. Try to use impacket G********S.py to get the hash.
  • Type your comment> @pourquoi said:

    I have the user and hash. Can someone help me on how to convert the hash to a valid pass?

    John is a good guy :)

    Always happy to help others. 100% human

    https://www.mindfueldaily.com/livewell/thank-you/

  • Type your comment> @Ammit said:

    Spoiler Removed

  • need help for initial foothold i knw how to tame "DOG" for root

  • I've managed to get user on this box but is very dumbfounded on root.

    Anyone willing to help me get going? Windows machines er quite the mystery to me, so any help would be greatly appreciated.

    I've read through the forum for root hints but struggle to make good sense of it all
  • edited November 2019

    i get only [-] Error in bindRequest -> invalidCredentials: 8009030C: LdapErr: DSID-0C0906A1, comment: AcceptSecurityContext error, data 52e, v3839

    EDIT:wrong domain

    peek

  • edited November 2019

    Spoiler Removed

  • im connected with e---w---- but cant run p----s----- what is the alternative ?

    peek

Sign In to comment.