@onlyamedic said:
A set of hints for this box is to audit the exploit script (do not use metasploit exploit), and see what it’s doing first.Run the application on virtual machine (recommend windows 7)
do not use meterpreter/reverse_tcp as shell, this is why the service keeps crashing.
Use regular windows reverse shell (do not use meterpreter please), and you will have a stable shell.
Get your payload/exploit working locally first then move to live box.
Should be easy from there.
First post and first box I’ve done on here, I must say I’m really loving this community and all of the helpful tips everyone has (using basics like netcat or just shell instead of meterpreter were HUGE for this one, as was trying out different nmap parameters!)
Also I don’t think it can be stressed enough to try exploits out on your own VM; it was first-try-Friday’s for me once I realized I had the right exploit & payload, and that the box just needed resetting so the exploit could actually work.
And if you need any hints, please feel free to PM literally anybody else that’s already offered as I doubt I’m the right person to be asking.