Reel

Should I be able to open all 3 of the files that I transferred over?

could someone pm me about server in msf ?

Attacking this box tonight, heard it was an amazing windows box.

harmJ0y likes this box :smile:

any hint on initial foothold? found some files and something i can use as a username on a specific service. is brute forcing the way to go?

@sfox0x01 said:
any hint on initial foothold? found some files and something i can use as a username on a specific service. is brute forcing the way to go?

no brute force !

@cdoisponto said:

@sfox0x01 said:
any hint on initial foothold? found some files and something i can use as a username on a specific service. is brute forcing the way to go?

no brute force !

■■■■, this was my first idea :slight_smile:

hey, can someone PM… I am working on initial foothold… I’m pretty sure I have the concept what needs to be done… I just need some help with probably the syntax… I keep getting a message queued but I dont think it ever really does what I need it to

Im also struggling with initial foothold on this box… Found a username and service where I could possibly use it, but I am not seeing how it can lead to a shell. Any hints to get on the right direction would be appreciated!

Look at files you have and how that works with services you found. Look at metadata and use appropriate tools to trigger RCE.

I think I have an idea of which path to take… but not sure if I am connecting the dots correctly. Could someone PM with to check my idea?

This box turned out to be pretty ■■■■ nice. I didn’t realize how deficient I was in the language most prominently used on this one. I learned a few things, and learned how to learn much more. Kudos to @egre55 . Well done my friend, well done.

glad you enjoyed and learned from it :wink: thanks!

@blackhood said:
This box turned out to be pretty ■■■■ nice. I didn’t realize how deficient I was in the language most prominently used on this one. I learned a few things, and learned how to learn much more. Kudos to @egre55 . Well done my friend, well done.

Is the language considered a spoiler, do you mean ps1? Mind giving hints on how to learn more. I have been stuck “after proper login” on finding my way through with the tools found on the box. Feels like the right path, or a rabbit hole.

@pykler All I meant was this was a bit of a hurdle for me, because I’m primarily a Linux guy. I don’t know if me saying the language is a spoiler. It shouldn’t be, but I’d rather not chance it. I’ll just say, learn your way around the windows command lineS and how any interesting programs you find work. I hope this helps you. If not, PM me or hit me on the slack.

Got initial foothold… now to get admin… have some idea’s but struggle to translate them to actual actions :frowning: if someone would be willing to give a small hint via PM :slight_smile:

It’s like a Matryoshka doll, how many users I have to get until admin? LOL

I am trying to get the initial shell but I can’t get the payload to work. Can somebody give me a hint, cause I’m getting crazy

Can somebody pm me about the privesc? Im currently the first user but cant figure out the syntax to use the .xml file…

@Kevoenos said:
Can somebody pm me about the privesc? Im currently the first user but cant figure out the syntax to use the .xml file…

Spoiler Removed - Arrexel