Official Omni Discussion

1356710

Comments

  • Type your comment> @tomunderhill said:
    > Anyone have a spare min to give some guidance on the enum replacement (if required) to the afore-alluded to "script". It is doing my head in.. assuming it's the correct one of course :)

    dm
  • edited August 24

    Have been stuck for hours. I guess it is the first time I have this kind of flags. Can anyone please give me a nudge about the decryption? I am pretty sure it is about PS. I tried Con*****-Sec***S***** and I****t-Cli*** but it failed and I guess I need to be that user to decrypt it? If so, I tried to dump the users passwords with mimi**** but no luck. I don't want to change any user's password because I don't want to distrub other players.

    Zhe0ops

  • Finally rooted! In my opinion, it is not an easy machine...
    If anyone need a nudge, PM :)
    Hack The Box

  • Rooted it. Totally not an easy machine. I think it should be a medium machine :)

    jkana101
    OSCP | Sec+ | MCSE | VCP | CCNA

  • edited August 24

    x

  • Any hints for initial foothold ?
    I'm kinda stuck :neutral:

  • Rooted. Much thanks to @jkana101 for hint.

  • edited August 24

    @GodPwned said:
    Any hints for initial foothold ?
    I'm kinda stuck :neutral:

    search for the famous exploit on windows IoT.

  • Rooted!! By the way, how did everyone came to the conclusion to use the S******T script here? Someone gave me a hint to use that script.

    I found the foothold tough as I was unaware about the script and was not able to get much info from the box initially. After that, it is easy.

  • who the hell is resetting the box?

  • Found the script but getting error 'no module names hexdump'. i have installed using pip but still errors. anyone seen this before?

  • Type your comment> @wooly13 said:

    Found the script but getting error 'no module names hexdump'. i have installed using pip but still errors. anyone seen this before?

    Same happened with me but after installing hexdump the script worked without any errors.

  • edited August 24

    Script not working on Kali 2020.3 python 2.7.18

    AttributeError: 'int' object has no attribute 'value'

    solved:
    e..m34

  • Rooted the Box. Just PM me if any hints needed.

  • Type your comment> @gs4l said:

    Rooted!! By the way, how did everyone came to the conclusion to use the S******T script here? Someone gave me a hint to use that script.

    I found the foothold tough as I was unaware about the script and was not able to get much info from the box initially. After that, it is easy.

    Yes bud. The foothold is tough. Especially finding that script that everyone was talking about it a hell ride. The rest is just easy with Google.

    A Chemist doing Penetration Testing - Check the Story here: BinaryBiceps

  • Finally rooted with the help of several kind souls :)

    PM me if you need help, I'll help as much as possible.

  • Type your comment> @jkana101 said:

    Rooted it. Totally not an easy machine. I think it should be a medium machine :)

    I agree.
    I rooted it, but i think is more a medium box.
    The choice of the OS is very original.
    If anyone need a nudge, PM

    Hack The Box

  • finally rooted . more of a medium box . dm if anyone needs a nudge

  • @rholas said:
    Script not working on Kali 2020.3 python 2.7.18

    AttributeError: 'int' object has no attribute 'value'

    There is another option?

    had the same problem... try updating your repo's

    Hack The Box

  • i have command execution but cant get a rev shell.... can anyone help plzz

    Hack The Box

  • edited August 24

    Tip: if you get the message "The system cannot execute the specified program." each time you try to get a rev shell... you have to take the right version of nc64.exe (and think to try all the options of the script found). I lost a lot of time because of this...

    PM me if you need a link.

    Fr0Ggi3sOnTour

  • @agpriyansh I'm in the same spot rn.
    @choupit0 I guess I need a version of nc that is built for that specific OS and architecture?

  • Hmm, could use a nudge... have hashes of the system... unblocked all ports to my ip. have access into the system from smb as whoever I want.

    Not sure how or what to do with the decryption part. EFS?
    A little help would be welcomed :)

  • edited August 24
    Type your comment> @PrivacyMonk3y said:
    >
    > Not sure how or what to do with the decryption part. EFS?
    > A little help would be welcomed :)

    Just view the encrypted Flag. There is a mention about something. Google that thing and you will land on docs.microsoft article. It will help you :smile:

    A Chemist doing Penetration Testing - Check the Story here: BinaryBiceps

  • A weird box... I tried using an exploit which requires an open port 135(failed), bruteforcing the authorization(failed) and connecting to the SMB anonymously(failed). I read about the R****e20 vulnerability, but as far as I look, there's no code for it. Any nudges would be welcome.

  • edited August 24

    Am i right in thinking the script is used to upload a shell? The documentation is limited and the command doesn't seem to work when uploading.

  • Type your comment> @MilesIwakura said:

    A weird box... I tried using an exploit which requires an open port 135(failed), bruteforcing the authorization(failed) and connecting to the SMB anonymously(failed). I read about the R****e20 vulnerability, but as far as I look, there's no code for it. Any nudges would be welcome.

    you won't get in directly through a port, you need to figure out what the machine is and what exploit you can use.

  • So I think I've found the relevant exploit, but when I run it at the moment I'm getting that it's timed out. Is it likely someone has broken the box and I need to reset? I don't want to just go round resetting all the time.

    JonnyGill

  • edited August 24

    Another interesting VM from @egre55 Thanks for your imagination and work :wink:

    Initial Foothold

    Credentials are not always necessary... Try to identify the right OS version.
    After, Google can help you to find your new friend and don't be afraid by him... (some are nice, like Rémy, a great Chef)
    And wait: have you looked everywhere enough? sure?...

    User & Root

    You got finally another reverse shell, well.
    Now, try to find a way to read them... You have the power and the right users to do it.

    Fr0Ggi3sOnTour

  • Finally ........... user and root !! simple but tricky

    Scorpion4347

Sign In to comment.