SecNotes

I have identified the technique to access the database and I read the database name and a few other things, but I am getting the “Something went wrong error”. Someone to PM me hints on refining my technique to extract more info?

I tried using smbexec.py to execute commands on the box; I keep getting an error message. I also tried uploading an aspx rev shell, but to no avail.

I finally got a stable shell and am enumerating the various folders looking for a potential privesc. This certainly is a tricky box.

Ah Rooted!

The answer already there but because didn’t really to focus something different in the command.

Eyes problem lol

Rooted. My hints for this box:

  • first part: use one of the most famous hacking techniques for crafting malicious inputs in web-apps
  • second part: use the “new” service to load your shell
  • third part: look around to see what “new feature” has been added to Windows systems
  • fourth: use that feature to gain root as you would usually do

p.s. the cool thing is that you can perform phases 2 and 4 in a variety of ways

@gregX01 said:
I have identified the technique to access the database and I read the database name and a few other things, but I am getting the “Something went wrong error”. Someone to PM me hints on refining my technique to extract more info?

I think I’m getting the same thing when I try to inject. Can someone PM to help limp along?
Every time I try to inject on the R******r.php page I get “Something went wrong error”. Any hints on how to get past this?

@lordsoahc said:

@gregX01 said:
I have identified the technique to access the database and I read the database name and a few other things, but I am getting the “Something went wrong error”. Someone to PM me hints on refining my technique to extract more info?

I think I’m getting the same thing when I try to inject. Can someone PM to help limp along?
Every time I try to inject on the R******r.php page I get “Something went wrong error”. Any hints on how to get past this?

DM Me

Great box. Just rooted. Learned something in order to get user. The root flag was easy for me. I already had the knowledge to do it. BTW, thanks for the box.

Can someone pm me with hints for the user flag? I don’t know how to use sc***.

Just rooted this little beauty. I’ve learned many things. Thank you to the creator of the machine!

PM me if you get stuck. Only specific questions.

Just rooted.
Path to user was pretty frustrating, even though it was so simple.
Path to root was fun. Found it pretty realistic.
Hardest/most annoying part about rooting is figuring out how to get a stable shell.

Hello guys, I’m stuck on the first part.
I’m able to get some usernames and hashes from the database.
Do I need to crack these hashes with h*****t (way too long with my computer) or is there another way to get to the other service?
Any hints?

Hi all, I’m having a lot of 500 errors trying some queries. Is this normal? I’m following the track of Nightmare but I’m stuck!! Some advice is welcome… please PM

I just have to say, this is one of the greats! So many shellz.

This is my second box and it is a serious kick in the nuts. Can anyone PM me some hints?

Would greatly appreciate if someone can give me a nudge on how to root (:

Hi! Need a little help, PM me plz. I got a limited shell; I don’t know how I can go further.

EDIT: Rooted! Ty @iamr00t for the help! Nice box!
@ChiefCoolArrow thank you, but this was not what I meant. I got a shell as user “i** a*****/n******” and I was struggling to get user, but @iamr00t helped me with that. Thanks anyway :)

@Loss420 said:
Hi! Need a little help, PM me plz. I got a limited shell; I don’t know how I can go further.

@Loss420 @Daffyspider
W10 added some cool Linux features recently. Explore what you can do with them.

How on earth are you guys getting stable responsive shells?!

nvm…got it on to privesc!

I am very new to Windows… I have some doubts… Can someone PM me for help…