Official Worker Discussion

1234579

Comments

  • Type your comment> @Jk3r said:

    Can anybody tell what im supposed to do after i log in with n"""n ? Confused !! i need to be in the right path .....

    Honestly that reverse shell, a little bit and i loosed my mind

    Why 50 53R10U5

  • Rooted,
    What a fun machine. Thank you @ekenas for creating it, awesome job :smiley:
    Also a thank you to @Andres7ll for some sanity checks and subtle nudges.

    Always happy to help others. 100% human

    https://www.mindfueldaily.com/livewell/thank-you/

  • Does someone have a nice article for root? Thanks!

  • Type your comment> @syn4ps said:

    Does someone have a nice article for root? Thanks!

    https://docs.microsoft.com/en-us/azure/devops/learn/git/what-is-git

    Why 50 53R10U5

  • nice machine, but i was disappointed because it not has erally hacking, just enum, but its so funny, the root part was pretty easy ;) ( feel free to ask me questions )

    666snippet

  • There may be more than one way to root Worker and at least one requires hacking/exploitation skills ;)

  • Rooted. This was really fun and taught me new things. Thanks to @Andres7ll for nudges that helped me get user because I was overcomplicating things. After that, root was a breeze. Way easier than I expected!

    PM me if you need nudges or hints. I will not give you any straight answers though. I will simply point you in the right direction and help you learn as I did. :smile:

    AviusX

  • Well, I'm probably sleep deprived and over complicating this - but Id welcome a nudge on what to do with the tool once you login. I know its probably something to do with the | feature, and I assume a markup language of some sort but beyond that... Lost.

  • edited September 4

    @melodicminor said:
    Well, I'm probably sleep deprived and over complicating this - but Id welcome a nudge on what to do with the tool once you login. I know its probably something to do with the | feature, and I assume a markup language of some sort but beyond that... Lost.

    maybe you can get the "tool" to build you something ..

    "something" that opens the door and allows you to execute commands based on the backend technology..

    Might be too cryptic..

    Always happy to help others. 100% human

    https://www.mindfueldaily.com/livewell/thank-you/

  • edited September 4

    @acidbat not too cryptic I'm just in a funk - I'll come back to it in a few hours and see if I can wrap my head around it - thanks for the assist!

    I'm on that path. I think I can plumb together what I need eventually, probably just need to RTFM a little closer.

  • @melodicminor no worries mate.
    :smiley:

    Always happy to help others. 100% human

    https://www.mindfueldaily.com/livewell/thank-you/

  • hi guys looking for help, having the following error with a certain tool

    info: Establishing connection to remote endpoint

    Error: An error of type HTTPClient::ReceiveTimeoutError happened, message is execution expired

    Error: Exiting with code 1

  • This was a really cool box and I definitely learned some new tricks. Thank you @ekenas this was well done!

    DM for nudges.

    Harbard

  • i just cant get the creds out using s*n !!!1
    a little assist please

  • @in3vitab13 said:

    i just cant get the creds out using s*n !!!1
    a little assist please

    Revisions matter.

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • Type your comment> @TazWake said:

    @in3vitab13 said:

    i just cant get the creds out using s*n !!!1
    a little assist please

    Revisions matter.

    you never fail to show me the way!
    thanx my man!

  • ohkay this is my first windows machine, and i have no clue whatsoever
    so what should i study or where should i need to look for reverse shell here?!!
    a little push needed guyzz

  • @in3vitab13 said:

    ohkay this is my first windows machine, and i have no clue whatsoever
    so what should i study or where should i need to look for reverse shell here?!!
    a little push needed guyzz

    I wouldn't think of this as a "windows" machine. Your attack is based on the technology stack in use and the box name is a bit of a clue. Once you log in, look for ways you can use the technology to run commands on your behalf.

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • Type your comment> @TazWake said:

    @in3vitab13 said:

    ohkay this is my first windows machine, and i have no clue whatsoever
    so what should i study or where should i need to look for reverse shell here?!!
    a little push needed guyzz

    I wouldn't think of this as a "windows" machine. Your attack is based on the technology stack in use and the box name is a bit of a clue. Once you log in, look for ways you can use the technology to run commands on your behalf.

    ohkay m on it!!
    need a little research from my side...will do it!1

  • Type your comment> @ins3cure said:

    I would really like to kill the r******r before he kills me :joy:

    Uf... finally got the user!

    Edit again: rooted! A bit frustrating because of poor performance. But an enjoyable machine overall, and quite realistic.

    No joke on the r******r bit! Looking for any nudge in how to get around that particular hurdle. I am able to do just about everything else I need to get this thing knocked out.

  • Type your comment> @beehammer said:
    > Type your comment> @ins3cure said:
    >
    > (Quote)
    > No joke on the r******r bit! Looking for any nudge in how to get around that particular hurdle. I am able to do just about everything else I need to get this thing knocked out.


    The r******r bit is just a necessary step to do machine cleanup. You have quite a big window to do your stuff before it kicks in. Time it well and you shall succeed :)

  • Type your comment> @ekenas said:

    Type your comment> @beehammer said:

    Type your comment> @ins3cure said:

    (Quote)
    No joke on the r******r bit! Looking for any nudge in how to get around that particular hurdle. I am able to do just about everything else I need to get this thing knocked out.

    The r******r bit is just a necessary step to do machine cleanup. You have quite a big window to do your stuff before it kicks in. Time it well and you shall succeed :)

    I can imagine that but it seemed to be running every 30s or so. I would upload the thing and before I could navigate to it, R would have run and it would be cleared out.

  • The window is 10 minutes

  • Type your comment> @ekenas said:

    The window is 10 minutes

    Not sure what was going on but after somebody reset the machine, it acted normal and I was able to complete user and root flags last night. Fun box with some unexpected direction. I did not see s********n and A**** D****s coming in the same system!

  • Finally Owned!!! This was a nice experience and exposure to new tech... Tnx @ekenas for the box. :smile:

  • how did you guyz mined other subdomains after loggin in?!
    or is it guess work/??

  • there anybody else who faced the work-item issue?

  • Type your comment> @in3vitab13 said:

    how did you guyz mined other subdomains after loggin in?!
    or is it guess work/??

    Enumeration and reading some s*n repos which will give you a hint.

    Always happy to help others. 100% human

    https://www.mindfueldaily.com/livewell/thank-you/

  • edited September 14

    Does an error occour during the ppeines process in that certain domain for everyone or is it just me..?

  • edited September 16

    Type your comment> @sparkla said:

    Az*** CD/CI is broken beyond repair. Someone helped me how to do it, I tried for an hour again and again, I can't merge and the plattform got more weird with each try. Has this been coded by Microsoft or what?

    SCNR :D

    That probably explains the issues I'm having too! Thanks for the unintentional clarification!

    Edit: lol, figured it out.

Sign In to comment.