Access

1171820222340

Comments

  • As an FYI for those that might make the same mistake as me....there are multiple tables with useful information. Not just one.

  • Rooted this box yesterday, i liked it! Good box to learn some new tricks on.
    My most valuable tip for user.txt was to check how you get your files, if they are corrupted. After that it's just reading and executing step by step, with a little bit of searching.
    For priv esc, just use the command that's been stated here a lot. It finally worked for me, after i replicated the environment on my own windows box, and then crafted the string until it did what i wanted it to do. When you do it on your own windows box you can check for syntax errors etc. My tip: Just write your command on your windows box until it does what you want, then change the paths and copy it over to your user shell. :)
    If anyone needs help, feel free to PM me, i don't spoil, just nudge you in the right direction.

    0x1ns1d3

  • edited November 2018

    Would really love some help on getting user. I have the 2 files and am sure they are not corrupted. Tried to cat these files for any useful strings but couldn't find any. Also used m**tools cmds, but couldn't read the header. Any tips or DMs would be really appreciated!

  • @SneakyManatee said:
    Would really love some help on getting user. I have the 2 files and am sure they are not corrupted. Tried to cat these files for any useful strings but couldn't find any. Also used m**tools cmds, but couldn't read the header. Any tips or DMs would be really appreciated!

    Tip: Keep trying to use that tool. Check out for every command you can use with it (there's more than one). Google is your best friend now.

  • ROOTED after 3 days! that was fucking awesome hard, but learned alot of new things in windows.. a HUGE thanks to @franpen for the help, without you i wouldn't be able to do it buddy!

  • Just got root too. PM me if you want some help.

  • @SneakyManatee said:
    Would really love some help on getting user. I have the 2 files and am sure they are not corrupted. Tried to cat these files for any useful strings but couldn't find any. Also used m**tools cmds, but couldn't read the header. Any tips or DMs would be really appreciated!

    Check the type of the files you have, and how to handle them. Google is a big asset here.

    0x1ns1d3

  • @franpen said:

    @SneakyManatee said:
    Would really love some help on getting user. I have the 2 files and am sure they are not corrupted. Tried to cat these files for any useful strings but couldn't find any. Also used m**tools cmds, but couldn't read the header. Any tips or DMs would be really appreciated!

    Tip: Keep trying to use that tool. Check out for every command you can use with it (there's more than one). Google is your best friend now.

    Thanks for your reply. I have looked through each part of the tool. I'm able to see the content and export to .c**. Have tried to go through the content but haven't gotten anywhere sadly. Would like any help (even spoiler level help via PM)...thanks!

  • @SneakyManatee said:
    Thanks for your reply. I have looked through each part of the tool. I'm able to see the content and export to .c**. Have tried to go through the content but haven't gotten anywhere sadly. Would like any help (even spoiler level help via PM)...thanks!

    Just keep looking. Something in there must tell you what to do next. You will find it eventually !

  • can't get root. I have admin access, cant seem to get a reverse shell. pm me please.

  • I am Stuck.... I got user before I knew it, but struggling on root. PS not getting me anywhere. Ran the tools in my win box, and I have the stx right where I am not getting any errors, but I can't seem to get the commands to c* or >> the file anywhere... I hope this is making sense. Any Nudge with the r**** /s****** " *** \ " ....(you get the drift I hope) would be appriciated. PM Please !

    I've tried trying harder....

  • Hi everybody, I manage to get root maybe too easy and I'd like to check my approach, if anybody is willing we can take it offline, my idea is to use technique that everybody are talking about (r***s) and to run common program on target in order to get reverse shell on my box and it works. Manage to read root.txt without any issue and everybody are complaining about that. So, from my perspective it looks too simple and I did't get issues that everybody are mentioning... My concern is that my technique maybe works only in certain conditions so I'd be glad to verify my approach if anybody is willing to briefly discus it offline :) Cheers!

    Arrexel

    |OSCP|OSCE|

  • Tried every possible variation of the ru*** command without any luck. I think that something is messed up with my syntax, but can't think of any other way anymore, maybe some good soul can help me with some tip?

  • Yay, finally rooted.
    Awesome machine @egre55 - I did learn a lot here. I must admit it was also equally frustrating as well as fun.

    Head needs a rest now.

    Always happy to help others. 100% human

    https://www.mindfueldaily.com/livewell/thank-you/

  • Can someone send me a PM? I'm almost positive my r**** command is correct but I'm turning up nothing.

    b1gbroth3r

  • My first approach for getting root.txt was to play with file permissions and while I was able to give the user account all file privileges (and ownership) of root.txt, I still wasn't able to read it. I eventually found a way around it and got the information from the file, but could someone point me to a source that would explain why reading was not possible when seemingly one had all the permissions? I thought I had fixed UAC registry entry as well. A later experiment with reverse shell seemed to be bit more straightforward approach for this, though :)

  • finally managed to get root, thanks @joesch for the hint!

  • Hello everyone I need help, I have the zip and the damaged file in c. someone can give me clues what to do next.
    P.S. Excuse me for my bad English.

  • edited November 2018

    I'm stuck after User. Found some command syntax's in a certain directory, but haven't really found anything that works or useful. If anyone can give me any tips on priv escalation or what to look for. Haven't been able to escalate even to System rights.

    Edit: so I know my r**** command is working, I can see I get an admin command prompt open with that. Can't figure out for the life of me how to migrate to that process or if that's possible?

  • edited November 2018

    Rooted, user is about enumeration and root is enumeration+syntax, google and running commands on a windows box to see what they do helps.

    Feel free to contact me for help.

    keresh

  • A hugely frustrating box! Especially root.txt. I had at one point a reverse shell with system but couldn't get root.txt. Eventually a reset and a simple command got me root.txt. Can't quite figure why as system I kept getting access denied.

    hexiburner

  • I give up with the root flag on this. Got /r**** /s******* syntax working once, whilst trying to read the file, box gets reset. Now everything I tried before doesn't work at all...

    tiger5tyle

  • Rooted ........ \n/ ..... Need help, PM me :)

  • may i take help? please pm.

  • I’ve been struggling with root for the past few hours. I’ve been running “the command”, and including the “lazy admin” part, but I’m not even sure which executable I should be using or what my overall goal for the command is. I can get the command to send back a password prompt, but I don’t have the password. Any and all help is appreciated.
  • Well that was a learning experience.... Easy user access but struggled a lot with the syntax for commands while gaining root.

  • please pm me for privesc as i dont have any knowledge on it.

  • Okey,

    i hope someone can help me with this.

    so i got the files via the f******

    but i cannot use the B*****.m*****

    i tried using a Tool, but that keeps giving me the EOF error, can someone help me or just pm me a screenshot of the file

    thanks a lot!

    Hack The Box

  • Looking to learn a lesson here. For PE, how did you know to use R? I take it the Z was a rabbit hole?

  • could anybody pm me for root? using ru*** to try something but cant seem to get syntax right. any help?

Sign In to comment.