I don’t get it, I have all files for priv. user (key, cert & signed cert) but every time I generate new key or convert existing is says it’s a public key. Key is protected on file system level and even if I allow s**-***** to output it to default location (unpriv. user does not have access to it) and print it from there (or convert it to new file) still tools like ssh, Pu****n are claiming that file is cert (public key).
EDIT: Rooted, still I’d like to discus some things which are different on machine and on internet manuals
Best tip that you can get on priv. esc., spent a lot of time before I figured out that, I’n articles they’re usually using root for example of principal
Hey can someone give a hint for priv esc?
I understand using s**-**n and principals, but I dont understand how to interact with ssth on web page, tried many things but always getting a 400 error.
Edit: Got root thanks so much to @The5thDomain for the help and to @deda1mraz for the final hint I needed!
Could anyone lend me a PM hand. I read the article but I do not know what I am doing wrong with d*** s**-K**-***. I followed the article but I can not read the private. It only displays the public key with any flag I try Any help would be great.
@chmod0597 said:
Could anyone lend me a PM hand. I read the article but I do not know what I am doing wrong with d*** s**-K**-***. I followed the article but I can not read the private. It only displays the public key with any flag I try Any help would be great.
You can’t display a private key with the command. This is not how this is supposed to work.
Working on root and syntax for the s**-*****n command. I’ve found and am using the files of interest in the command, but still getting strange output. would be grateful for a PM hint!!
I’m still stuck on initial foothold. I’ve read every post in this forum and can’t seem to make headway. I’ve got two users listed, got a hash, know what I can do with the hash, but still get a bad_network_name or bad_logon depending on the tool I’m using. I have a good idea as to what I need to do once I get my foothold, but I’m just stuck.
Nice box , spent all day struggling with user just to find out that I was using the wrong method to pass credentials I found in LDAP. Once I got a session on the box , got root in 10 minutes of enumeration BUT not through the same path as per the comments here , I think I have an unintended Priv Esc as far as I can see …