Reel

Getting the use is fun part. but now I’m stuck at the root.

any hints guys?

I managed to privesc from tom to ****** using the *****view to enable some commands and modify a property for the ****** user as tom.

But now I’m stuck…again :disappointed: :smiley:

@dodo said:
I managed to privesc from tom to ****** using the *****view to enable some commands and modify a property for the ****** user as tom.

But now I’m stuck…again :disappointed: :smiley:

Happy to help feel free to DM me.

Got initial shell, I think I know more or less where I should go but no luck. Any hint please ?

@dodo said:
I managed to privesc from tom to ****** using the *****view to enable some commands and modify a property for the ****** user as tom.

But now I’m stuck…again :disappointed: :smiley:

Thanks! I was trying to do the same but with other tools. I used *****view and it worked :dizzy:

Hi,
Could anyone PM me a foothold about this box? I found few ports open, and I tried to exploit these ports by using metaxxxx but I was failed, and also tried some other exploits about these ports, but also failed. Then, I have no idea what I need to do…

Thank you.

Hmm, I’ve enumerated and have read some files and I am now researching what I see. Is this box attackable from Kali or do you need to be on a Windows machine? (PM would be helpful)

@LegendarySpork not necessary to be on a Windows machine, with Kali you can do everything you need.

.

I originally thought so but suddenly felt uncertain … kali has (or you can apt-get) loads of excellent tools for working with Windows, a few of which I have already used to get to this point. Thanks!

Give a hint about a privilege escalation from tom, please! I see that there’s a pentest tool, but I can’t run it. Any hint, please how to move a next step. Thanks in advance!

Hey guys, after owning several easier boxes I decided to try something slightly more difficult because what’s the point if you don’t advance right!? Well… Stuck pretty early on here but found some interesting stuff that surely are relevant at some point and another service I’m having a tough time enumerating what I feel is my way to initiate a foothold if anyone has time for a PM I’d really appreciate it! Just looking for some general advice.

Edit:
I think I actually found what I was looking for after reading more closely some docs available to me, hopefully now I can use that other service to get that delivered :v

@dodo said:
I managed to privesc from tom to ****** using the *****view to enable some commands and modify a property for the ****** user as tom.

But now I’m stuck…again :disappointed: :smiley:

I’m stuck at this same point. Anyone i can DM about it?

Never mind, i got it. Feel free to DM me.

Hi,

I need a bit of help with this machine. I discovered the service which possibly could be running on the machine and I also know how to connect to it. But I am unable to figure out how to exploit this particular service.

I googled a lot and found everywhere that it requires credentials to login to the machine. I checked the configuration file as well but it also does not contain that much of info to land somewhere.

I have done a lot of linux machines previously but not windows so far. This is just the second windows machine I am doing. So, don’t know much about powershell commands and other windows exploitation techniques. Any help will be appreciated.

Has anyone managed the first step without the m-tool? I’ve got user reliably but I’d like to be able to do it manually. It seems straightforward enough and I’m pretty close, just failing on the very last bit.

So, i’ m t** now, when I import ‘The file’ it says bad JSON in BH and does nothing. What am I missing on that one? Feel free to DM

@Wubalubadubdub said:
So, i’ m t** now, when I import ‘The file’ it says bad JSON in BH and does nothing. What am I missing on that one? Feel free to DM
Happened to me too. Be sure the file is transferred correctly (I happened to miss a few bytes). Compute and compare checksums.

I’m stuck at priv esc, if anyone can DM me, please do. Thanks

I guess i’m the only idiot here because i can’t get initial foothold at all… I see smtp, i see the files, i have an idea of what to do but it doesn’t seem to be working so i guess it’s the wrong way?