Hint for Sunday

I didn’t use the technique everyone says though…pretty cool.

Is there anyone willing to share their full nmap result? I really can’t do full scan due to latency issues. It almost took me couple of hours and gets nothing, besides the machine keeps resetting by people. Thanks in advance!

@rocux said:
Is there anyone willing to share their full nmap result? I really can’t do full scan due to latency issues. It almost took me couple of hours and gets nothing, besides the machine keeps resetting by people. Thanks in advance!

Sent. The stability of this box is terrible

On the note of enumerating the interesting services, can someone send me a pointer or two? I’m not sure if I can try the output of the tools I’m using right now due to the network issues

Thanks,

@ccma40 said:

@rocux said:
Is there anyone willing to share their full nmap result? I really can’t do full scan due to latency issues. It almost took me couple of hours and gets nothing, besides the machine keeps resetting by people. Thanks in advance!

Sent. The stability of this box is terrible

Hey can I get the full nmap results too? I doubt the scan will ever complete.

Got root.txt but no shell. Tried everything in the forum and other ideas I could think of by exploring the box. I realize some files in /etc/ can be overwritten but people have suggested a cleaner way is possible. Can anybody drop a hint for the cleaner solution?

Would anyone be willing to PM me their full scan results? The latency on this box is ridiculous and mine can never complete.

@p3ac3ch3ck Pm me,

Got the second user, and on my way to root. I think I’m on the right path. Could I PM someone to check if it’s correct?

Can someone pm me the nmap results…tried 10times already never finishes…!!

@ccma40 said:
On the note of enumerating the interesting services, can someone send me a pointer or two? I’m not sure if I can try the output of the tools I’m using right now due to the network issues

Thanks,

So…the network conditions were definitely not helping. Certain tools were having issues returning all their results which resulted in certain…interesting users not being returned.

Frustrating.

running a certain metasploit scanner will return far more interesting results than nmap for users who are having stability issues…

@Hacklen I knew that was gonna be the pass but enumeration was my downfall. This is one of those where “enumerate and then enumerate” again was SERIOUSLY the case -_-

Could some one give me some hints as to what to do after getting in with a first user? I see a user text but dont have the user to get to it. Also not sure on priv esc. Thanks!

@Underworld said:
Could some one give me some hints as to what to do after getting in with a first user? I see a user text but dont have the user to get to it. Also not sure on priv esc. Thanks!

I would say lookout deep into the bottom and see what can u find.

Lol fanks. Got user.

I got user and root but not shell (root), i found the password of root. I try to crack (john the ripper) the password but I could not.
Someone can give me a hint to crack it.

Yea I’m actually in the same boat. Pwned user and root, but didn’t manage to crack. I’m guessing Hashcat might do the trick from reading various posts. I tried a bunch of wordlists but no luck.

Did someone change the password for the users? :expressionless: Come on!

Any hints on initial foothold, i have enumerated all the ports, found users, using msf auxilary module, but can’t use any of the users to login with.