Endgame

I have tried a ton of stuff over the last several days and it seems I am stuck on step 2 and could use a nudge. Can you message me if you are willing to help? Thanks!

Comments

  • nevermind

  • anyone out there working on poo? could do with someone to compare notes with.

    adyd

  • I'm working on it now... would love to share some ideas

  • On second step now :) @waywardsun did you finish?

  • Seriously though folks, if anyone wants to bang their heads on the wall with me, drop me a line.... misery loves company ;)

  • any hints for starters on where to look?

    right now, i'm trying to brute the mssql and find interesting file/dir on the iis

  • Looking for people to brainstorm with this on, as well. I'm right at the end (I think), but my Windows skills need some improvement.

    opt1kz

  • edited January 2019

    @evandrix said:
    any hints for starters on where to look?

    right now, i'm trying to brute the mssql and find interesting file/dir on the iis

    brute not the way to go.. enumerate more on the iis

  • edited January 2019

    Every step is at its best. I stretched myself to great extent. Simply loved the endgames.

    MrR3boot
    Learn | Hack | Have Fun

  • Hey guys, is it a common thing, that websites on starting point address of XEN are not working? If no, could sime of you just vite to reset xen? Thx

    v1p3r0u5
    If you need some help => 1) Your findings so far? 2) Your conclusions? 3) Your further ideas?
    RESPECT++ if I was able to help you! => https://www.hackthebox.eu/home/users/profile/139772

    No messages on the wall please and don't message me via HTB chat, please use the forum!

  • NVM, it's working again...

    v1p3r0u5
    If you need some help => 1) Your findings so far? 2) Your conclusions? 3) Your further ideas?
    RESPECT++ if I was able to help you! => https://www.hackthebox.eu/home/users/profile/139772

    No messages on the wall please and don't message me via HTB chat, please use the forum!

  • anyone working on this? could use a nudge on the first step for P.O.O., Feel like I've enumerated everything on IIS (methods, vhosts, creds, dirs/files etc). I was able to find an interesting information disclosure vuln but am not able to connect the dots...

  • edited January 6

    Working on P.O.O, disclosed something which I may be able to look into.

    Edit: Found some interesting directories, but I don't see how I can access the info in them

    clubby789

    • GCIH
      If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments, or on box release night). And remember to +respect me if I helped you ; )
  • anyone can help me how to move ahead I am stuck at 2nd step for xen

  • @clubby789 said:

    Working on P.O.O, disclosed something which I may be able to look into.

    Edit: Found some interesting directories, but I don't see how I can access the info in them

    That's a shame.. Damn those Mac junkies and their short eight second tantrums! (or was it three?)

  • could someone help found two ways both asking for credentials still stuck at the web page :(

  • edited January 9

    Step one done, already feels like a real ride. I think I may know the path to two.

    Edit: Flags 1, 3, 4 got. Wonder where 2 is...

    clubby789

    • GCIH
      If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments, or on box release night). And remember to +respect me if I helped you ; )
  • Anyone would like to exchange notes for poo?

  • Finally finished, really excellent experience. Learnt loads about AD.
    Hints:
    1 - There are two infoleak vulnerabilities you can combine here
    2 - Follow the links
    3 - Go back to something you found earlier
    4 - Digging a tunnel will speed things up
    5 - Why guess info when you can change it?

    clubby789

    • GCIH
      If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments, or on box release night). And remember to +respect me if I helped you ; )
  • Hi everyone

    Any hint for hades after first shell?

    THX

  • XEN 3rd part, I'm getting prxxxin timeout error, I think my config are correct, any hints anyone please?, stuck there are 2 days :(

  • Can someone give a push into right direction for xen's foothold? I found bunch of places, wasn't successful in guessing, and stuck now.

Sign In to comment.