@genxweb said:
Has anyone done this box without a windows attack box? I run mac and vms of kali do not have a copy of windows to use for a challenge without pirating which is not a good thing to be doing.
You can download legitimate windows VM’s there for trial use. I solely run linux with a kali vm. When I need windows, that link is where I get mine from.
@genxweb said:
Has anyone done this box without a windows attack box? I run mac and vms of kali do not have a copy of windows to use for a challenge without pirating which is not a good thing to be doing.
You can download legitimate windows VM’s there for trial use. I solely run linux with a kali vm. When I need windows, that link is where I get mine from.
@crysthoffer said:
“****** has reached the maximum allowed number of sessions per user. To start a new session, the user must first sign out from another session.”. I need to wait, or I can bypass this?
its 2 active user(sessions) allowed not more (its WIndows thing), so maybe you have to wait more time on free servers
Very nice machine. Easy to read the file once you know the path. Learned a lot in the initial steps to user. I went back modified the code I wrote to add myself to the machine as an administrator for poops and giggles.
I’ll leave my review here. The machine was outstanding good and hard, learned a ton from it. Now to the part were i give some kind of usefull hint, for everyone that is trying to abuse the Common Factor attack that you already located you need to abuse it in a type of a different way to achieve getting what you need(Creds). Take a look into that page,http://www.patrickkeisler.com/2012/11/how-to-use-xpdirtree-to-list-all-files.html i have to say that this one is a major spoil for undergoind the whole machine process, so everyone that is overly dramatic either take your eyes away from it, or report it as SPOIL.
been on privesc for 2-3 days now. i know what im able to do and what i can read, found a few interesting things but not anything i can use… im now a bit blinded by it all and struggling to move forward
I’ve managed to get the classic Windows hash through Resr and xp_* of \G****\s***y, but cracking it with john I get ‘NO PASSWORD’, so doesn’t seem to me the right road.
@iswearimnotalu said:
I’ve managed to get the classic Windows hash through Resr and xp_* of \G****\s***y, but cracking it with john I get ‘NO PASSWORD’, so doesn’t seem to me the right road.
Any hints?
Try with the most used wordlist. You’re on the right track
@iswearimnotalu said:
I’ve managed to get the classic Windows hash through Resr and xp_* of \G****\s***y, but cracking it with john I get ‘NO PASSWORD’, so doesn’t seem to me the right road.