@Vex20k said:
I obviously have to do something with r***s but no matter what syntax I try, i get absolutely nothing. I can’t check the other desktops because they all say access denied.
ok so a few people seem to have the problem that they can’t read root.txt. is this expected? i checked the permissions and as NT_AUTHORITY_SYSTEM i do have full control over it. i don’t get it.
@Vex20k said:
I obviously have to do something with r***s but no matter what syntax I try, i get absolutely nothing. I can’t check the other desktops because they all say access denied.
For all those who struggle to read the root.txt although they are NT AUTHORITY\SYSTEM or belong to the same group as NT AUTHORITY\SYSTEM: think about what you do as a privilege user on your recent personal Windows desktop/laptop when your system asks something because you are trying to install a new program.
You “just” have to translate it in the (non interactive) shell you have.
So, I’m stuck. I can’t figure out how to get root. I tried the runas command but without a password, well… I have read every post here but all the hints ended up doing me no good. Could someone PM a little guidance. Much appreciated.
Could I PM someone who has accessed the server for the first part? Using the info from my nmap scan and protocols available, I need to find out if I’m not doing something wrong or I have a problem with my connection.
Worked out firewall was preventing the server talking back to my computer, thanks to @Tazwake it prevented me from going down rabbit holes.
@JKryten said:
So, I’m stuck. I can’t figure out how to get root. I tried the runas command but without a password, well… I have read every post here but all the hints ended up doing me no good. Could someone PM a little guidance. Much appreciated.
same here if someone can help me
pm me
thx alot
EDIT:GOT IT wrong syntax…
@absentminded said:
Could I PM someone who has accessed the server for the first part? Using the info from my nmap scan and protocols available, I need to find out if I’m not doing something wrong or I have a problem with my connection.
Worked out firewall was preventing the server talking back to my computer, thanks to @Tazwake it prevented me from going down rabbit holes.
There are two common services that are running on lower port numbers, say the 20s, that are used for getting into this box for user.
Wow finally rooted
Had an issue for the user with the inetutils, but the issue went with the iputils equivalent, then it was straightforward to the user flag.
The privEsc part, also personnaly I just got the root flag, nothing else. Just do basic windows privEsc enumeration, combine everything interesting together and write painfully that long command to get it.
In general, nice box, learned a lot about Windows and that’s great