Active any hints

@xplo8 said:
Can anyone confirm that they are able to get the share access still. Need to understand if it’s just me. Using certain null tool with -all and ip, still nothing. Ping working, nmap detecting open ports. Anyone willing to PM help me?

Hey everyone, in case you run into this it’s handy to specify protocol version if stuck. I was using the right commands fro hours and finally had it work

Anyone I can PM about this? Really hitting a dead end here.

Got root, was pretty easy once I figured out that my packages were outdated for the tool I was trying to use. As said earlier in this thread, this has a lot of real world application and I have used very similar (almost exact) concepts time and time again on the job. I even learned something new from this box with the initial access. Great box!

I need help on init foot hold, i dont know whats wrong but the tools i am using are not working ***clinent and nulllinux are not enumerating anything + nmap scripts give me the Server disconnected the connection , any hint to solve this ? or am i doing it wrong ?

I’d need some help too. I’ve connected anonymously using ***client and could read the *****.xml file and decrypted the password. But I have no idea what to do with it. I’m trying to connect on other shares using the username and pw but it doesn’t work.

can someone help me ? i am using the right tools (100% sure) but getting connection refused. if someone knows the solution to this please PM.

I found the problem and fixed it lost about 12 hours of my life for this stupid mistake.
if anyone facing the same problem PM ME

rooted. thanks for all the ppl in here who helped in the process. I hope i can give others as much help as i can. FUN BOX.

Hi everyone, I got x** file and pass too, but I don’t know what is the next step. Can somebody give me a hint?

able to connect with ***client but cannont see foothold? anyhelp?

I just used the gui to snoop around, old school noob styling.

Some of them will let you in.

Good box, root is great learning.

Very cool box, learned a lot about ********** and ******** rofl

ROOT DANCE

Hey everyone,
I don’t know what exactly I do wrong but I seem to use some of the tools in a wrong way. At the moment I know the user names, and what shares are on the machine. I am able to get into it, but any further commands then were denied by the server. I used, for instance, nullinux and both *clients. I have no name of any x files or such yet.
If anyone would mind to help me, please PM.

Rooted.I learned a lot.Guys Thank you for help

I don’t know which tool to use to crack:
All the tools I tried does give errors or are displaying 0 Hashes/second.

Any hint?

One heck of a trip to get this box. I learned quite a few new tricks! Looking back at this journey, not everything brought direct usable results, but it sure narrowed down the searchpath. Thanks to @Grepthis for pointing out the last step, I completely would have missed that! Awesome box @eks @mrb3n!

I get “Line-length exception” error from hashcat. I know which mode I need to use, and I am using hashcat on my ubuntu laptop, no vm. Did anyone else experienced this?

@nullsession0x said:
Great box, really enjoyed it. Lots learn. I disagree with people saying all you need is Kali! There are tools out there that you will need to download to enable you to complete this. The tools I used were;
Nullinux - GitHub - m8sec/nullinux: Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.
CME (CrackMapExec) - GitHub - byt3bl33d3r/CrackMapExec: A swiss army knife for pentesting networks
ImPacket - GitHub - fortra/impacket: Impacket is a collection of Python classes for working with network protocols.

Got root. These tools really helped me especially for root. I learned a lot from this machine. Thank you creators.

Stuck at priv esc. Can anyone PM to give a hint?

Got user ! - now on to root

Feel free to PM for user hint

@pkneca said:
I get “Line-length exception” error from hashcat. I know which mode I need to use, and I am using hashcat on my ubuntu laptop, no vm. Did anyone else experienced this?

Because you did the wrong mode.

https://hashcat.net/wiki/doku.php?id=example_hashes

Try see which one fits >__^