Access

1161719212240

Comments

  • @Andro6 said:

    @Hideo said:
    Cannot unzip Acc**** zipfile. Anyone got a hint please ?

    .pst file is help you for password and then u will get new password in zip file but i don't know how to continue... :)

    If you've got credentials, it makes sense to try to use them. If you dont have any ideas on where to use them, enumerate more.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • I've got user.txt, been working on root.txt for 3-4 days now. Have found runas and the parameter you need to bypass administrator password prompt, but I can't seem to get it to echo out anything to either files or console.

    I've tired to make the user a part of the admin group via some bat scripts, but have not gotten anything to work yet.. Am really stuck could use some help, Please PM or Reply with anything you think might help me over this bump.

    Thanks, Crysal

    crysal

  • edited November 2018

    Hey, I'm a complete noob and this is my second machine ever. I did a n*** scan and found 3 ports open and don't know what to do from there. hints PMed to me would be appreciated!

  • @EthanM03 said:
    Hey, I'm a complete noob and this is my second machine ever. I did a n*** scan and found 3 ports open and don't know what to do from there. hints PMed to me would be appreciated!

    Try to connect to each of the ports you found. Some may need authentication, some might not.

    If you can connect without authentication, have a look around and see what you find.

    92.85% of "pentesting" is down to recon*. Find something, examine it, find something, examine it. If you do this well, getting in is easy.

    (*) disclaimer - I am 100% not a pentester, I dont portray one in movies and I have (almost) no pentester certifications.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • This one was fun. It was all about the proper syntax for me on root.

  • Rooted. If someone needs a hint PM me.

    Baikuya
    OSCP

  • Currently working on root, I know which command and which thing to put after /s********d But not the syntax, if I could have a hint in my PMs it would be super appreciated

  • Rooted... but not the way I thought I would...

    PM me if you're stuck

    Hack The Box

  • I would love a hint for this.
    Got user.
    Struggling with root.

    Tried the following:
    R**a* /with some switches
    P****s**** /with some switches

    Tried to run CMD as an admin user using the above methods.
    Attempted to change system variables...

    I must be missing somthing...

    Always happy to help others. 100% human

    https://www.mindfueldaily.com/livewell/thank-you/

  • rooted shell.
    got root flag.

    a lot of you guys are on the right track but pay attention to details! test on your machine!

    PM me if you need help

  • @TazWake said:

    @MotorBods1vYF1 said:
    I can't access the zip file because of unsupported compression...

    It might worth looking into why you are getting this error message.

    do i need to keep diggin through the table data for more logins?

    Probably, but you might already have what you are looking for - you just need to use it in the right place.

    Am I supposed to try and log in on the enumerated ports with the usernames and passwords found? I get nothing for a----,en------,and back-------- for tel--- and f-- ports

  • @MotorBods1vYF1 said:

    Am I supposed to try and log in on the enumerated ports with the usernames and passwords found? I get nothing for a----,en------,and back-------- for tel--- and f-- ports

    Yes, you need to use the credentials. Re-read the email. It tells you what account to use.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • @TazWake said:

    @MotorBods1vYF1 said:

    Am I supposed to try and log in on the enumerated ports with the usernames and passwords found? I get nothing for a----,en------,and back-------- for tel--- and f-- ports

    Yes, you need to use the credentials. Re-read the email. It tells you what account to use.

    Oh sweet its working now and got user flag. Thanks! So t----- is moving at a crawl and keeps failing on me. But, I did notice a .ps1 file that I had not seen before; guessing someone did something....should I consider that a hint?

  • Possibly but you really dont need powershell for this box. Read back through some of the previous messages for better clues.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • edited November 2018

    Hey guys, just started the box a few minutes ago.
    Scanned ports, and "loged on" the f-- one.
    ls & dir aren't recognized, fine.
    But when I use LIST I get this error :
    list
    150 Opening ASCII mode data connection.
    425 Cannot open data connection.

    I hope there is no spoils, but I am really wondering if it is intended and if I need to check how I can fix this, or if there is a problem..

    EDIT : Ok so I was using nc or tel*** to connect in f**, then I just installed and tried with another and it's working ... Sorry guys ! (if someone knows why it wasn't working with these two can you PM me the reason :) )

  • Rooted! Great box, and I learned a lot from this box! If anyone having difficulty on this box, feel free to PM me!

    Thank you very much @egre55 for this awesome learning box!

    Hack The Box

  • @qdada said:
    this box is exposing how much of a N00b i am. I can do things that normally a privileged account such as Administrator should do, including create new accounts, even add myself to Administrator group. But I am not able to understand why i cannot read the root.txt

    Same boat !!!!!!

  • Yo !! Finally I got root !!!!
    Thank you @TazWake :)

  • got user already, but pretty stuck with root. i don't actually know what to do with r****, since im pretty newbie with windows privesc.. if someone could pm me i would be very thankful

  • Stop reseting the box every 10 minutes. There's other people trying to work on it.

    v1ew-s0urce.flv
  • I Am Trying To Root it via "Runas" command

    I learn full sysntex, But not success

    Can anyone Help me for it
  • rooted!

    Overthiking of how to PE.
    Actually just need to run a command with correct syntax.

  • I finally rooted this machine... thank's guys...
    I have to admit that until now the error was that i'm more lazy than the admin...
    thank's!!!

  • not sure what is going on here FTP seems crackers... how do you enumerate ftp when it hangs in a ls or dir

  • Priv esc was super annoying, but in the best possible way. Just make sure you get the syntax down right, google what you are trying to do if you get stuck. There are examples of people doing this. Take what you learned from that and apply the lazy admin thing everyone else keeps talking about.

  • Many people have said this but I think it needs to be resaid: You guys need to run the commands you write in a windows machine, it will save you A LOT of time. I spent a day trying to make the r**** command work from t****, but it took me no more than 15 minutes to figure it out on a windows machine.

  • hi, which tool do you guys used to break .pst zip file?

    NAGARAJNOW

  • @nagarajnow said:
    hi, which tool do you guys used to break .pst zip file?

    Maybe you don't need to break it per se, there should be a more "passive" way to open up the .zip

  • Hi, any anyone assist me with getting the privesc for the root flag, I have tried do many commands to elevate but seem to have brickwalled on this :(
    PM me and I can tell you where I am at, I believe I am close but cannot seem to get the syntax to work.

  • edited November 2018
    Spoiler Removed - egre55
Sign In to comment.