@YellowBanana said:
finally got the root.txt flag. If anyone wants any hint pm me. Thanks to the people that gave me some tips. anyone who got a reverse shell please pm me.
please let me know how i will get root.text flag.i stuck in r**** and lazy user
So I’ve confirmed my syntax on the rs command is working by capturing the output of 'n u* \<share>’ on my machine, but am still struggling with a next step. Looking for any PMs with assistance!
@voncount said:
So I’ve confirmed my syntax on the rs command is working by capturing the output of 'n u* \<share>’ on my machine, but am still struggling with a next step. Looking for any PMs with assistance!
I’ve got user, but root is killin’ me. I’ve found the Z*****5 hint and the location where the meat of that actually lives, been reading the r docs most of the weekend, and messing around with syntax, but haven’t had luck getting it to work yet. Pretty sure what the ‘lazy admin’ flag for the command ought to be, but that hasn’t seemed to help yet. Figure I have to be missing something.
I’ve found that I should be able to ByTCh*** with what I’ve got, but still struggling to ty** the file I want with r****. Good grief that’s a lot of asterisks, but if anyone has a minute to shoot a hint my way, I’d appreciate it. Feels like I ought to be pretty close to done with what I’ve got.
Hi all ,
I am newbie , ive read all the lovely hints and i am stuck on a particular method. By reading the hints carefully i managed to obtain the username and password from *****file but i tried to login with the known ports but no dice.
Any hints will be appreciated !!!
Enjoyed this box. My first one on htb. Windows Privesc is definitely an area that I need to focus on. I was reminded of a useful command here. Good stuff! Peace!
@voncount said:
deleted - got root after the box was reset (for the Nth time)
Tried my same steps this morning (I didn’t keep the hash for my records) and they failed. I’m not sure if I’m missing something (perhaps someone else was on the box that made a change while I was on it) or if the box is just screwy, but I’m curious if anyone else had the same experience. PM me if you’d like to compare notes.
Like a lot of others here, I’ve successfully gained user access, and am now trying to use the r**** command with /s******d to poke further, but failing somewhat at where to go with that.
ROOT (finally)! This box can be a real beast, so no one should feel bad if it takes you a bit. The syntax in the final stretch seems real picky. My problem ended up being a need to add LITERALLY just two letters to the command, and then done. Awesome learning experience, though!
Just managed to get the root.txt - very happy. Thanks to @Gh0stP0tat0 and @clamington for their assistance here. A real finicky chain to get things working. Happy to provide hints to others who are struggling. PM me.
Thanks @Gh0stP0tat0@hray for the support , managed to get user. I enjoyed this machine , it makes you think forsenically in terms for searching for clues to access different files. Learnt a lot now its time to root this ■■■■■ !!!
having a really hard time to migrate from my x86 session to a x64 one… Everybody else starting with a x86 session or you getting x64 session from the start? Migration almost always returns timeout and i’m not able to disable defender with this user.