Access

Hello, i’m stuck on the privesc part, would love a nudge on the right direction!

Got user. Still can’t read the root.txt. Tried numerous variations of the ra command and tried reading its manual also. Already tried doing this on a Windows machine and it seems my syntax is working. but not with this box.

I’ve read i should redirect the file but i was only able to redirect the password prompt… am i on the right track? Should there be a password prompt in the first place?

looking forward to some help. thanks

Can someone help me with the privesc I run with r***s, i’ve used the .exe file but after more then 150+ tries and trying it on my own windows machine. I still can’t get it to work…

Rooted! Loved this box, I learned something new and it was fun, if anyone wants a hint (no spoilers or solutions) PM me anytime.

Finally got root ! I was lucky :stuck_out_tongue: Anyone help me with the reverse shell , i dont think i have it set up correctly :frowning:

@pratheepan8 I sent you a PM

I got the AC.zip,but not able to get password can help me plz DM?

the command run** is not showing any output what so ever? is something wrong?

Hi guys,
I tried to use it on my laptop with the M$ app and the AV detects one of the file as with “Exploit”. Could be there something wrong with that file? The Avast and AVG detects it. Do you have the same issue?

@Charkh said:
Hi guys,
I tried to use it on my laptop with the M$ app and the AV detects one of the file as with “Exploit”. Could be there something wrong with that file? The Avast and AVG detects it. Do you have the same issue?

Check with virutotal just to be sure

@Charkh said:
Hi guys,
I tried to use it on my laptop with the M$ app and the AV detects one of the file as with “Exploit”. Could be there something wrong with that file? The Avast and AVG detects it. Do you have the same issue?

Ok, false alarm. If you use different mode when downloaded a SIGSEG may occur or both AVs can detect it as exploit. :slight_smile:

Sorry…

@whitesails said:

@Charkh said:
Hi guys,
I tried to use it on my laptop with the M$ app and the AV detects one of the file as with “Exploit”. Could be there something wrong with that file? The Avast and AVG detects it. Do you have the same issue?

Check with virutotal just to be sure

Three engines detects it out of 56. Explanation provided.
Thanks for heads up :wink:

@Charkh you welcome buddy

@baseball737 said:
Can someone help me with the privesc I run with r***s, i’ve used the .exe file but after more then 150+ tries and trying it on my own windows machine. I still can’t get it to work…

Same boat.

rooted. Thank you @hray for the hint. PM if you want a nudge in the right direction. Cheers @egre55 for the box.

rooted! Thank you @egre55 for the box. Learned a lot and improved my Windows cmd skills.

Special thanks to @MrFlash24 and @hray for the tips. This is just my 2nd box and would take a longer time to root w/o your help.

@nagarajnow said:
can anyone pls share which tool have you used to crack acc*** C0n****.zip file? I used zipjohn with rockyou and failed,

Please check B****.mdb File

I spent 3 hours absolutely hating this privesc portion, until I finally figured it out. I feel so accomplished, and I learned a ton about privesc on windows! Something I’ve been fairly weak in. This might even be my favorite challenge now.

If anyone is still struggling, the hints above are all you need. really read the man pages! ALL OF IT!

@baseball737 said:
Can someone help me with the privesc I run with r***s, i’ve used the .exe file but after more then 150+ tries and trying it on my own windows machine. I still can’t get it to work…

Rooted, thanks to @MrFlash24

Hi, scanning using nmap and it show f** and t****t is closed, it is ok? I read some post in this thread they login to f** then download something. anyone can give me hint?