Access

Rooted. The hints on the forum were enough for me.

My only input would be to test potential commands on your local windows instance prior to trying them on Access.

fanTASTIC box. Well-named. I got root.txt no problem (except for a syntax error at 2am) but then there was ANOTHER important thing to learn in order to get a fully interactive shell. Now I understand a lot of the weirdass behavior on this box. I’m adding this to my “Totally Pwned” toolkit.

Thanks! Definitely worth pushing on to get that shell after getting the root flag.

Got root, I agree with Underworld. Test the hints from here locally before trying them on the t****t terminal. As soon as I did that I knew exactly what I had to do. Happy to help others through their issues via PM.

Hi everyone
I need help, I am user and I don’t know what I have to do to get Administrator privileges . Some hints will be appreciated.

@evilcall said:
Hi everyone
I need help, I am user and I don’t know what I have to do to get Administrator privileges . Some hints will be appreciated.

A reverse shell was the only way I was able to get into the box with enough stability to read root.txt:

https://netsec.ws/?p=331

I was able to obtain the user and root flag without a privesc , don’t think it was the intended fashion,.

I’m stuck on privesc, any kind soul to light me up pleassee!

any hint on privEsc

Guys, I am really confused about this one here. I got user, tried just about everything in the book to privesc, but nothing seems to work. I’ve been all over the r***s command, which doesn’t return any data, even the help switch gives me blank lines. Can’t get a reverse shell cause nothing will execute. I’m probably missing something stupid, but I can’t rule out some obscure misconfiguration. Would appreciate a PM; my discord is sceleris#5490

i’m trying to follow FuzzySecurity for priv esc but not sure how to import a file into windows wget won’t work…it’s not there

rooted!!! pm if u want some help
i will give u some hint without spoilers
for the entry u must get some file and get important infos
and for the root just enum the system and u get intereting thing jut know how to use it
the response is front of u

I can’t seem to get the password for the zip file… any tips would be helpfull (here or via PM)

Working on privesc. Found interesting sc***ts, and vulnerable version of program (but permissions are patched). Checked all bin_paths, all services… I’m Stuck, can anyone get a hing in PM?

@Calvo said:
I can’t seem to get the password for the zip file… any tips would be helpfull (here or via PM)

pm if you still want a hint

i’ve managed to get the root flag copied into another file by using ru*** and a quick script, but i can’t read file that either or change its permissions.

@iainpbsec said:
i’ve managed to get the root flag copied into another file by using ru*** and a quick script, but i can’t read file that either or change its permissions.

Copying it might not be the best approach.

There are other things you can to do pipe the contents of one file into a new file, and this will make sure the second file is accessible by the account you’ve used.

how did you get the administrator password?
net users stat password required = no
but it does not take blank password when doing the r***s
I tried the passwords found in the mdb table but they do not work, I also tried the password in the pst also did not work

You don’t necessarily need admin pw nixguy, you’re on the right track - look at all the flags available for r***s closely

Can someone help me? I can create a reverse shell but the connection automatically dies within a second…

@baseball737 said:
Can someone help me? I can create a reverse shell but the connection automatically dies within a second…

Do you need to set exitOnSession to false?