Monteverde

«13456720

Comments

  • could somebody please lend me some gtx1080 for those hashes ;)

  • but how did you get those hashes?

  • could you please give a hint on a specific service?

  • edited January 11

    impacket again.... ;)
    but no chance to crack them... :(

  • edited January 11

    did you use kerberos attack?

  • 'Do not require Kerberos preauthentication' set (UF_DONT_REQUIRE_PREAUTH).

  • I don't know what stage you're at but there is no cracking required to get user

  • actually? so impacket isnt necessary?

  • actually? so impacket isnt necessary?

  • edited January 11

    User is fairly easy, also remember that as per 'machine submission rules' no heavy cracking should be required on HTB, only common passwords are accepted; if you see a hash, it either can be cracked in minutes or it's useless.

    but I am really hoping this box is not all about A**** for root...my head hurts already

    lukeasec

  • but what script from impacket have you used? can't figure it out

  • my scripts from impacket are giving errors.
    did not had that before rolling to python3.
    i have users.. but thats all.
    and yes i did a git pull

    madhack
    If you need help with something, PM me how far you've got already, what you've tried etc.
    Discord: MadHack#6530

  • congrats @splintercode That's insane how fast you did it

    Hack The Box

  • @lukeasec said:
    but I am really hoping this box is not all about A**** for root...my head hurts already

    If it is and you figure it out, give me a shout - I've been going through the docs and some on-box files for over an hour and come up with nothing :D

  • Type your comment> @rewks said:

    @lukeasec said:
    but I am really hoping this box is not all about A**** for root...my head hurts already

    If it is and you figure it out, give me a shout - I've been going through the docs and some on-box files for over an hour and come up with nothing :D

    That's where I am for user..lol

    Hack The Box

  • edited January 11

    Type your comment> @madhack said:

    my scripts from impacket are giving errors.
    did not had that before rolling to python3.
    i have users.. but thats all.
    and yes i did a git pull

    I think I may know what you're talking about. Had a similar issue after doing an update.
    If this is your error:

    Traceback (most recent call last):
    File "xxxxxxx.py", line 334, in
    logger.init(options.ts)
    TypeError: init() takes no arguments (1 given)

    then edit out this line from the script:

    Init the example's logger theme
    logger.init(options.ts)

    Hope this help!

  • edited January 11

    Type your comment> @madhack said:

    my scripts from impacket are giving errors.
    did not had that before rolling to python3.
    i have users.. but thats all.
    and yes i did a git pull

    If you are using kali and have the packages installed it will conflict with your libs from master and make all the scripts in the repo real sad. I don't remember ever installing the package so it might be worth a double check. :)

    https://github.com/SecureAuthCorp/impacket/issues/446

    You can set PYTHONPATH to the repo base; I think I ended up doing both.

    HTH

    edit: replaced awful workaround with link to issue and more sane workaround. :)

    P.S. when this bit me I got the same traceback and the steps in linked issue or PYTHONPATH fixed it for me

  • yes it is working
    but ERROR:root:Kerberos SessionError: KDC_ERR_WRONG_REALM..
    hmm let's try something else

    madhack
    If you need help with something, PM me how far you've got already, what you've tried etc.
    Discord: MadHack#6530

  • Type your comment> @madhack said:

    yes it is working
    but ERROR:root:Kerberos SessionError: KDC_ERR_WRONG_REALM..
    hmm let's try something else

    You are using wrong domain name, try different one.

  • Type your comment> @D8ll0 said:

    Type your comment> @madhack said:

    yes it is working
    but ERROR:root:Kerberos SessionError: KDC_ERR_WRONG_REALM..
    hmm let's try something else

    You are using wrong domain name, try different one.

    thx got it!

    madhack
    If you need help with something, PM me how far you've got already, what you've tried etc.
    Discord: MadHack#6530

  • edited January 11

    Edit : nvm I found out

  • @brueh said:
    'Do not require Kerberos preauthentication' set (UF_DONT_REQUIRE_PREAUTH).

    I wonder how you got those hashes because the script you are talking about didnt find anything for me...

  • Type your comment> @Crafty said:

    @brueh said:
    'Do not require Kerberos preauthentication' set (UF_DONT_REQUIRE_PREAUTH).

    I wonder how you got those hashes because the script you are talking about didnt find anything for me...

    Think more, no just impacket

  • Initial foothold is a guessing game. The most simple one.
    Have that in mind if your enum is not giving anything.
  • Type your comment> @joshibeast said:
    > Initial foothold is a guessing game. The most simple one.
    > Have that in mind if your enum is not giving anything.

    Already tried brute forcing all users with top 100 passwords, no luck.
    Impa**** gives nothing
    :/
  • Type your comment> @Nt3c said:

    Type your comment> @joshibeast said:

    Initial foothold is a guessing game. The most simple one.
    Have that in mind if your enum is not giving anything.

    Already tried brute forcing all users with top 100 passwords, no luck.
    Impa**** gives nothing
    :/

    I tried top-1000 passwords against all users, but no luck! :(

  • edited January 11

    tbh if you think about some of those burner accounts that get installed in the process of spinning up a box, people can be pretty lazy about burner passwords.
    think laziest.

    in retrospect it's absolutely realistic. sadly.

  • Type your comment> @babywyrm said:

    tbh if you think about some of those burner accounts that get installed in the process of spinning up a box, people can be pretty lazy about burner passwords.
    think laziest.

    in retrospect it's absolutely realistic. sadly.

    this is the same for me as try harder.
    still thx for the info.

    madhack
    If you need help with something, PM me how far you've got already, what you've tried etc.
    Discord: MadHack#6530

Sign In to comment.