Active any hints

18911131417

Comments

  • Now, i have 2 smb shares. I can navigate 1 smb share, i dont have permission to directory listing in the other. what can i do? useless rabbit holes? am i in the right track?

  • @9999volts said:
    Now, i have 2 smb shares. I can navigate 1 smb share, i dont have permission to directory listing in the other. what can i do? useless rabbit holes? am i in the right track?

    Do more search on the one you can navigate through ;-) You will find something...

    1nitiative

  • Most interesting I found was a xxxxx.ixf file, not sure if it is gold because im new in AD. It file has any *S- and a name that appears to be a smb directory.... am i in the right track? TY @3poke

  • @9999volts said:
    Most interesting I found was a xxxxx.ixf file, not sure if it is gold because im new in AD. It file has any *S- and a name that appears to be a smb directory.... am i in the right track? TY @3poke

    see PM. I don't want to spoil anythings.

    1nitiative

  • Hi guys,
    Something curious happaned with meyesterday, I found a file, and interesting things on it (that I have to decrypt XD) and also connected with this credentials using Ps****. Browse a little and found the user flag, but I had to leave for a few hours and I'm not connecting this way anymore. Someone could PM me to help-me with other ways to connect?! (My access was SYSTEM already, but I lost it)
    THanks!

  • Got root, thanks for the machine, not very experienced with windows machines, learned a lot.

    dionero

  • while running hashcat, im getting segmentation fault error.. can anyone help?? or can i proceed with anyother tool to crack.?

  • Great machine! Thanks.

    thrash

  • Owned!
    If somenoe need tips, pm me!

  • in my opinion root was much, much easier to get.
    i'm total noob in windows and understanding what to to first was a difficulty. then I just needed to follow the new knowledge.
    the mentioned here i******* tool did the job. make sure you have updated version of your cracking tool

  • Just got root.txt on this machine. For those of you trying to crack the hash, the default install of John in Kali won't have the right format. You'll need to install the Jumbo "version". I followed the instructions here: https://openwall.info/wiki/john/tutorials/Ubuntu-build-howto

  • edited September 2018

    I was able to find the Gr****.x** file and obtain the password and decrypt the same. Was able to login and obtain the user flag

  • @nullsession0x said:
    Great box, really enjoyed it. Lots learn. I disagree with people saying all you need is Kali! There are tools out there that you will need to download to enable you to complete this. The tools I used were;
    Nullinux - https://github.com/m8r0wn/nullinux
    CME (CrackMapExec) - https://github.com/byt3bl33d3r/CrackMapExec
    ImPacket - https://github.com/CoreSecurity/impacket

    Enjoy

    Thanks...

  • I'm having a hard time getting to crack the TGS hashes using john the ripper, hashcat won't run on my VM. Any tips ?

  • Hi !

    After a few hours I managed to get the user flags and know (in theory) what to do to get the root flag but I am not able to generate the S****** T***** with i******* (it says invalid credentials...) Any tips ?

  • Should i use Kerberos 5 AS-REQ Pre-Auth etype 23 ?

  • Got the root flag :D !
    Learned a lot on this machine that was really cool, thx for posting it !

    Thx a lot to @3poke

  • hard time cracking password please help PM

  • Great box, really realistic!

    n0tAVirus

  • @amlamarra said:
    Just got root.txt on this machine. For those of you trying to crack the hash, the default install of John in Kali won't have the right format. You'll need to install the Jumbo "version". I followed the instructions here: https://openwall.info/wiki/john/tutorials/Ubuntu-build-howto

    Thanks For the link. Got root.txt finally.

    This was really a good machine. Learned a couple of new tools and methods.

    Pm if any hints needed.

    Draco123

  • Someone could help with user I can access only to Re...... share but there is nothing interesting any hints pls

  • Hi, I was able to got bot user and root flags but I am still wondering what's really happening behind the hood. I don't wanna spoil anything here so if someone having a good understanding of AD and k******* and i***** could message to answer some of my questions me I would really appreciate :D thx !

  • edited October 2018

    @nullsession0x said:
    Great box, really enjoyed it. Lots learn. I disagree with people saying all you need is Kali! There are tools out there that you will need to download to enable you to complete this. The tools I used were;
    Nullinux - https://github.com/m8r0wn/nullinux
    CME (CrackMapExec) - https://github.com/byt3bl33d3r/CrackMapExec
    ImPacket - https://github.com/CoreSecurity/impacket

    Enjoy

    boot2root just with this post. These links went to my bookmarks. Thanks.

    OSCP

    Hack The Box

  • @ZaphodBB said:
    Got user ! - now on to root

    Feel free to PM for user hint

    Hi could you give me some hint ? I can connect to s.. but I can access only to Rep..... I don't know how to proceed

  • Hello. i keep seeing that is easy and fast to get user.txt.. However ive been trying 2 days with this machine.. im using the enumeration tools mentioned in the previous posts, ive found shares only after smb.conf configuration to add smb2 but i cannot get access to any of them (connection failed).. any hints for how to continue? thank you

  • Awesome machine. Very realistic.

  • edited October 2018

    i found the password in the G*****.*ml file and was able to decrypt it. i just have no clue what username to use or even where to use it. can someone help me out with a hint?

    Edit: found it

  • Got the root today. actually a great machine to learn about AD. Thanks @Draco123 to the hint. If anyone need a hint, just PM me.

  • edited October 2018

    @sheepkiller said:
    Hello everyone, if you are having issues with the typical tools mentioned in this forum to connect to the service, it's probably a misconfiguration with your Kali smb.conf file. Here is what I did to fix it:

    nano /etc/samba/smb.conf

    // In the file, I added the following in the [global] section
    client min protocol = SMB2
    client max protocol = SMB3

    sudo service smbd restart

    This FIXED enum4linux for me, enabled those other tools suggested here, and COMPLETELY changed my results and now I feel like things are wide open.

    This will probably be useful to anyone using Kali for pentesting

    LegendarySpork

    my badge doesn't work, click on my profile if you want rank and stuff

    LegendarySpork

  • edited October 2018

    Hi.

    i was able to access the G*****.x** file. I have a problem cracking the password. Read here to use the h*****t but i cannot get the correct command. Please if someone can point me to the right directions as i cannot use the tool correctly. Thanks.

    EDIT: got user, moving on now to root

Sign In to comment.