Access

finally got the root, thanx to @tryhardyomismo for hint, any one need hint, please PM :slight_smile:

rooted, thanks @sixtonspacefly

@absentminded said:
Could I PM someone who has accessed the server for the first part? Using the info from my nmap scan and protocols available, I need to find out if I’m not doing something wrong or I have a problem with my connection.

Worked out firewall was preventing the server talking back to my computer, thanks to @Tazwake it prevented me from going down rabbit holes.

There are two common services that are running on lower port numbers, say the 20s, that are used for getting into this box for user.

Can someone PM with some clues to get the root.txt? I’m hooked there!! Thx

Wow finally rooted
Had an issue for the user with the inetutils, but the issue went with the iputils equivalent, then it was straightforward to the user flag.
The privEsc part, also personnaly I just got the root flag, nothing else. Just do basic windows privEsc enumeration, combine everything interesting together and write painfully that long command to get it.
In general, nice box, learned a lot about Windows and that’s great

Hi. I have a question about getting shell - I would be very grateful for a PM so I won’t spoil

edit: Thanks for the help - I got what I needed.

access denied for reading root.txt?

I struggled with the privesc, running the commands on my own box helped a lot, as I got to see the output of what I was trying.
This box makes a lot more sense once you see the effect your commands are having and are not just blindly firing into the dark.
Fun box, thanks @egre55 :slight_smile:

well done guys! glad you’re enjoying the challenge, and thanks!

I really over-complicated privesc…I know that’s probably annoying to read when you have no idea where to go but the r**** hint is what you need to focus on. Really read through the man page and read what each parameter does. Then think how you can implement that r**** w/ a parameter to run something for you.

@virtualclown said:
I really over-complicated privesc…I know that’s probably annoying to read when you have no idea where to go but the r**** hint is what you need to focus on. Really read through the man page and read what each parameter does. Then think how you can implement that r**** w/ a parameter to run something for you.

where did you find the man page for this application?!

I don’t want to be a salesman… but a paid version, and a good reset makes commands you punched in 100 times work the first time you try it! ::rootdance!:: thanks all!

Finally got root on Access, really way harder than I expected at first but I know a lot more about certain common tools now! Thanks @virtualclown and a couple other people who helped me out. I will provide some hints to those who need it.

Can someone PM a hint on how to open the root.txt? I feel like I tried everything at this stage and nothing has worked

General hint: if you are on Kali and you want to read some weird file type, for example a .blb file, first try “apropos blb” then blb (bash completion) and “locate blb” to see if there’s already a relevant toolset on the system. Then “apt search blb” to see if there’s something relevant in the repository that can be installed. Finally, google “read blb files on kali.” Also, “strings” is your friend. Also read man pages of the relevant export commands to see if you can export to a simple file type that’s easy to read with other simple commandline tools.

Rooted. Fun box - and nice problems. Happy to help others by PM

Ergh is it me or the box ? Can’t even run ru**s /? to get help menu.

I see the file on desktop showing command with stored creds but still stuck

Finally Got Root :slight_smile:
it was little hard for me as it was my first Machine
Thanks @Tract0r and @jackshd

Thanks to @owg made a slight adjustment and boom “RootDance”
My tip is don’t over complicate Run*s command and maybe you might need to go beyond the initial shell you have.

I am having trouble of installing the tool in my kali. any help? I am pissed