AX Jeeves

I have done a lot of enumeration and still I have not found something to stand on any clues to what I may be missing?

Spoiler Removed - Arrexel

@h0m3r said:
Spoiler Removed - Arrexel

run dirbuster ? or askjeeves

I feel like an idiot… where on earth is the root flag?

Nevermind…

@h0m3r said:
Any hints on Jetty 9.4.z-SNAPSHOT? Directory traversal?

Found something?

I’m probably looking at this one totally wrong, having trouble getting a session from my PS script in a certain console, it’s taking the payload and looks to be initiating but the meterpreter just hangs, should I be looking at ‘build’ instead, any ideas :slight_smile:

I got a reverse shell and user.txt, to find root.txt is needed an exploit to priv esc? All exploits I’ve tried are not working…

@MrRobotty said:
I got a reverse shell and user.txt, to find root.txt is needed an exploit to priv esc? All exploits I’ve tried are not working…

You could attempt exploits, they might work. Keep enumerating and looking for things that look out of pllace.

Could anyone give me a lil nudge here? I am just freaking stuck… dotdotpwn found some directory traversals but I am totally stuck there. How the freak can I process here? I try this for a few days now and I feel I am completely lost… any slight hint is appreciated!

I got the user shell / flag. not sure on priv esc at this point.

@Deadstopp said:
I feel like an idiot… where on earth is the root flag?

I am having the same emotions! also have system hm.

change your perspective to list file … try dir command with a different option…

any tip on priv esc?

@Agent22 LOL, this crossed my mind but I’ve never done via cmd! every day a school day :slight_smile: thanks for the nudge

Whoever 10.10.14.215 was this morning working on this machine, you are seriously a piece of ■■■■. killing off other peoples shells to change their work to your IP so you dont have to figure out how to create it yourself is a super ■■■■ move. Please rethink your life. Thanks.

Any nudge for priv esc. I found an interesting file. PM me please?

anyone made a progress with priv esc ? is there any good resources to read about windows priv esc ? i spent too much time learning linux priv esc that i forgot that windows exist lol

Any clues as to the root flag? I am really pulling my hair out on this one. For those stuck getting priv esc, I initially got a shell via nc, but found for getting pri esc to work I needed to use meterpreter.

Finally got that flag!