Got user, got the remote dog working, think i have found the path, got my user as close to the end of the path i can find but now i can not go any further, Can someone please pm me a hint?
I have been stuck for a week now on Admin. Here's what I have so far: I have managed to use the remote python version of the dog for getting my graph, but I am not sure where to go from here. I think I see a path from svc-al to FOREST, but I am kind lost so I'd appreciate a nudge (more than anything I think I am suffering from tooling issues)
I can't also run mimikatz on the box, any command fails.
Finally got root, what a great box. 5 days straight of learning.
If i could give one piece of info that i could not find easily was all commands people gave to get the time from the server did not match to my time, so clock_skew was killing me.
This command worked for me
net time -S 10.10.10.161 -U ""
Am I supposed to brute force the hash? (At the last step) Because rock doesn’t pick that up.
Nope, no bruteforce needed.
Rooted, PM me for help. Definitely a difficult box.
Man, I'm stuck after days and reading all of this. I have two users, svc and h******s and only the latter seems to do anything with the dog. I see a route to admin (I think) but after reading through these comments I'm thinking I need to create a new user now? I'm not sure why or how - can someone help me out?
Wow. This is one of my favorite machines to be honest. VERY realistic, and definitely not an easy box!
User: impacket and nmap?
root: dog & impacket because it is not that easy.
BTW, impacket has different versions, sometimes you may face an issue just because you are using one version instead of the other so keep that in mind.
Can someone PM me to help me with root? I been stuck for about a week or so. I have a graph from the dog and believe I know the path to get where I need to be. I'm assuming I am stuck at trying to add another user?
Took me 8 days after user to get root and the hints in the forum are enough to get you there. I think there might be multiple paths on this one, but I suggest you not get bogged down in powershell.
this box was amazing! Thank you very much! more of that please. P.M. me if you need a nudge but study the graph, learn about what it actually means and google!
Can anyone please help about this error ?
KRB_AP_ERR_SKEW(Clock skew too great)
I'm currently using Manjaro distro. I can't find a way to set the time to match the server and the nmap take such a long time to run.
Hey Guys, need a bit of help. Got users know which tool to use from previous boxes but for some odd reason when specifying domain and n-s argument I get this weird error:
Comments
I've been bashing my head and keyboard a long time in the route for root.
I got the evil to walk to the dog and found a path, been able to create an user, but then I'm stuck. Anybody I can PM for questions?
hi guys,

this machine was a new experience for me, i learn more things.
A special Thanks to Luemmel, chm0dx, dodosstuff
Type your comment> @NewViking said:
Same, got new user in groups. Can't do anything with it.
Got user, got the remote dog working, think i have found the path, got my user as close to the end of the path i can find but now i can not go any further, Can someone please pm me a hint?
can someone help me for initial shell? i alredy get the user and cred and now can't do anything with it.
Anyone for initial footholds in this box...I have only usernames..that's it....any help with the impacket
I have been stuck for a week now on Admin. Here's what I have so far: I have managed to use the remote python version of the dog for getting my graph, but I am not sure where to go from here. I think I see a path from svc-al to FOREST, but I am kind lost so I'd appreciate a nudge (more than anything I think I am suffering from tooling issues)
I can't also run mimikatz on the box, any command fails.
Can somebody pm me about root? I think i am on the right path, but still can't get it. Some hits would be very much appreciated!
UPD. got root. it was easier than i thought. I enjoyed this machine, but it is so not an easy level.
If anybody needs some hits, feel free to PM.
Finally got root, what a great box. 5 days straight of learning.
If i could give one piece of info that i could not find easily was all commands people gave to get the time from the server did not match to my time, so clock_skew was killing me.
This command worked for me
net time -S 10.10.10.161 -U ""
Happy to help with any hints needed
Am I supposed to brute force the hash? (At the last step) Because rock doesn’t pick that up.
Nope, no bruteforce needed.
Rooted, PM me for help. Definitely a difficult box.
Get root, this is never a easy box, but I learned a lot, great job for the creators of the box
Ugh, how do you get past the "Clock skew" issues?
CISSP | eJPT
Got root! I agree this box is mis-rated as easy, if only f or the level of prerequisite knowledge.
Feel free to PM me for help.
Stuck on root folks. Walk the dog, added what I needed to. But nothing is working still. any help?
Man, I'm stuck after days and reading all of this. I have two users, svc and h******s and only the latter seems to do anything with the dog. I see a route to admin (I think) but after reading through these comments I'm thinking I need to create a new user now? I'm not sure why or how - can someone help me out?
Wow. This is one of my favorite machines to be honest. VERY realistic, and definitely not an easy box!
User: impacket and nmap?
root: dog & impacket because it is not that easy.
BTW, impacket has different versions, sometimes you may face an issue just because you are using one version instead of the other so keep that in mind.
Good luck!
OSCE | OSCP | CRTE | GPEN | eCPTX | CREST CRT | GDAT | eCPPTv2 | GWAPT | OSWP | ECSA (Practical)
Finally rooted. No way in hell this is an "easy" box, but what a ride! ^^
Can someone PM me to help me with root? I been stuck for about a week or so. I have a graph from the dog and believe I know the path to get where I need to be. I'm assuming I am stuck at trying to add another user?
Took me 8 days after user to get root and the hints in the forum are enough to get you there. I think there might be multiple paths on this one, but I suggest you not get bogged down in powershell.
Should I be using a password or a hash to create my user?
The dog is hungry and needs to be fed but the readily available instructions on getting the food to feed the dog don't work. Any help is appreciated!
this box was amazing! Thank you very much! more of that please. P.M. me if you need a nudge but study the graph, learn about what it actually means and google!
Can someone message me for some help? I'm stuck after making a new user...
Finally rooted, was a lot of fun and learning with Active Directory. Thanks to @NewViking and @instasec!
Is the ex*****e server a part of this?
Hey can somebody please give me a hint about the root part?
Thanks
Well GD - Finally Rooted, millions of thanks to @FatPotato, @instasec and @Tiyeuse.
This was my first box here and what a box! Took me about 5 days...thoughts:
I spent way to much time doing that and it's probably not even clever...give me a break my eyes are crossed from staring at this screen for so long.
PM me if you need help.
root tips> @HeXN0P said:
help whit root please
Hey Guys, need a bit of help. Got users know which tool to use from previous boxes but for some odd reason when specifying domain and n-s argument I get this weird error:
RemoteOperations failed: [Errno Connection error (FOREST:88)] [Errno 111] Connection refuse
Did this for all enumerated users. Any ideas?
Can someone please help, stuck with Kerberos SessionError: KDC_ERR_WRONG_REALM(Reserved for future use)