Official Intelligence Discussion

Official discussion thread for Intelligence. Please do not post any spoilers or big hints.

«1

Comments

  • Is foothold stego or some AD magic?

  • Someone give a hint here please

  • It's enumeration of what you know. Scripting is a plus.

    I've got user but I'm a bit stuck. I read the script and I think I have ideas but I'm not able to pull anything off. Playing with python and dumped loads of info just not sure what's important.

    Been stuck for a couple hours. Anyone got a nudge?

  • edited July 4

    Same here. Got two users but not sure where to use them. Tried every possible way I know. I am no one when is comes to AD. Any hints would be useful

    Hack The Box

  • one step forward two steps back. Got the next user but not really any visible advancement. Banging head against the wall lol.

  • Got user... Thanks goes to @PrivacyMonk3y

  • Finally rooted!
    I really rooted this machine, and also learned a couple of things I've never encountered before.

    You can PM me if you need any nudges.

  • edited July 5

    Finally rooted!! This one was actually hard for me since I am an absolute beginner when it comes to Active Directory. User was way easier than root

    User:
    Web server gives all you need, even it's an AD box.
    Don't be lazy. check all you get, not only outside, inside too.

    Root:
    Read the script, act accordingly and wait until the "RESPOND" comes.
    Accounts are not safe and the "packet" can help you.

    Hope these will help you a bit. If you get stuck, you are always welcome to DM.

    Hack The Box

  • edited July 5

    I'm also having trouble with this box. I've extracted a couple of users, but I'm missing the password. Can someone give me a nudge?

    *** Nevermind ***
    My script was bad, and I should feel bad :tired_face:

  • User: Look all things and fuzzy hard.

    Root: Do simple, it's not hard.
    If someone need help send me DM.

  • Either I did the "wrong" path to root or I think the path to root was quite hard :wink:

  • Hi im rather new to AD and LDAP; im a little unsure of where to start, what to do, or how to even google search some stuff haha. I was wondering if it was ok, if i could get a point in the right direction. Thank you.

  • Root definitely took me for a ride. I'd just say be prepared to do some scripting to make your life easier.

    Feel free to DM for nudges.

    Harbard

  • Type your comment> @a74881 said:

    Hi im rather new to AD and LDAP; im a little unsure of where to start, what to do, or how to even google search some stuff haha. I was wondering if it was ok, if i could get a point in the right direction. Thank you.

    For user you don't need any AD knowledge. Basic enum should get you to the correct path

  • Rooted

    Really a great machine, enjoyed every step !

    Enumeration is the key !

  • So I've got the user flag but cannot pop a shell? Have tried several things and vectors.

    What am I missing?

    TIA

  • Rooted! For user make sure you get everything and inspect all the details - scripting helps. Root was wild, pay attention to what the automated task is doing and see if you can spoof something with your toolkit.

    alt text

  • Rooted! For user: This is not an AD, this is web.
    Root : dig in AD

    Hack The Box

  • Hmm, so I got a user and a password after a lot of web enumeration.
    The 2 combined does not stick to anything at the moment ....
    Obviously I am missing something ...

    Always happy to help others. 100% human

    https://www.mindfueldaily.com/livewell/thank-you/

  • Type your comment> @acidbat said:

    Hmm, so I got a user and a password after a lot of web enumeration.
    The 2 combined does not stick to anything at the moment ....
    Obviously I am missing something ...

    There's more enumeration you can do. Delve deep into any files you can download!

    alt text

  • Fun box painful if you (like me) use wrong version of a tool but fun. Thanks ARZ101 for help on the last part!

  • Type your comment

  • Fun and challenging box.
    Thank you @Micah for creating this challenge for us.

    Always happy to help others. 100% human

    https://www.mindfueldaily.com/livewell/thank-you/

  • Sooo Ive been at it for days.
    I’ve got user and the hash/password for the owner of the script. But can’t for the live of me get a shell on the box. Can someone drop a hint? I tried all the packts I can think of.
  • edited July 20

    Type your comment> @Eren said:

    Someone give a hint here please

    Just got user. So the Web Server gives you all of the information you need to get access. Access will be granted through another channel.

    Hint For User: Wow, there sure are a lot of PDF files. I wonder if there's any way to see who created them....

  • got user... that part was straightforward ;) on to root now ^^
    dm if help needed

  • I got User, but I'm a bit lost when it comes to root. I don't have much AD knowledge. I believe I found the file that will open the way to root, but I don't know what to do with it.

  • Type your comment> @PrivacyMonk3y said:

    It's enumeration of what you know. Scripting is a plus.

    I've got user but I'm a bit stuck. I read the script and I think I have ideas but I'm not able to pull anything off. Playing with python and dumped loads of info just not sure what's important.

    Been stuck for a couple hours. Anyone got a nudge?

    Look at your NMAP results and see what is open to us. Also, think about the script you found. Think there's any way to point it to us? I hope this RESPONSE helped you out ;)

  • No events in RESPONSE, wireshark show's box visit my 80 port, but nothing happen

Sign In to comment.