@Charkh said:
Hi guys,
I tried to use it on my laptop with the M$ app and the AV detects one of the file as with “Exploit”. Could be there something wrong with that file? The Avast and AVG detects it. Do you have the same issue?
Ok, false alarm. If you use different mode when downloaded a SIGSEG may occur or both AVs can detect it as exploit.
@Charkh said:
Hi guys,
I tried to use it on my laptop with the M$ app and the AV detects one of the file as with “Exploit”. Could be there something wrong with that file? The Avast and AVG detects it. Do you have the same issue?
Check with virutotal just to be sure
Three engines detects it out of 56. Explanation provided.
Thanks for heads up
@baseball737 said:
Can someone help me with the privesc I run with r***s, i’ve used the .exe file but after more then 150+ tries and trying it on my own windows machine. I still can’t get it to work…
I spent 3 hours absolutely hating this privesc portion, until I finally figured it out. I feel so accomplished, and I learned a ton about privesc on windows! Something I’ve been fairly weak in. This might even be my favorite challenge now.
If anyone is still struggling, the hints above are all you need. really read the man pages! ALL OF IT!
@baseball737 said:
Can someone help me with the privesc I run with r***s, i’ve used the .exe file but after more then 150+ tries and trying it on my own windows machine. I still can’t get it to work…
Hi, scanning using nmap and it show f** and t****t is closed, it is ok? I read some post in this thread they login to f** then download something. anyone can give me hint?
@darkcyber said:
Hi, scanning using nmap and it show f** and t****t is closed, it is ok? I read some post in this thread they login to f** then download something. anyone can give me hint?
nevermind, wrong thread. I should this is about Access machine, not Active machine.
I wouldn’t have figured to use r**** without the hints here. What was I supposed to find on this box that would’ve led me to try using this tool on my own?
I’m stuck on what i believe to be the last part of root priv esc. Found the Z********** flaw but struggling to leverage it. Advice would be appreciated!
finally got the privesc after WAY too many hours. figured out what i probably have to do in the first 15 minutes, struggled with the rest for wayyyy too long
do yourself a favour and try whatever you’re doing on an actual windows machine before you try it on this box. it will save you massive headaches
@rowbot said:
Looking to learn a lesson here. For PE, how did you know to use R**? I take it the Z** was a rabbit hole?
I have the same question. Without the ton of spoilers on this forum how would you have figured out that the command mentioned everywhere was the PE vector ? After I enumerated the box It didnt look like the PE was thru an obvious PE Exploit because the box was fully patched but other than that nothing hinted at this being the route to PE.
if anyone goes for the r***s option look for the manual! and syntax syntax syntax. Even though I though I had everything correct there was a small piece missing.
Hi everyone,
I am still stuck after getting the password from the pst file. I don’t know where to find the “security” account. Please can I get a hint.
@0x41 said:
finally got the privesc after WAY too many hours. figured out what i probably have to do in the first 15 minutes, struggled with the rest for wayyyy too long
do yourself a favour and try whatever you’re doing on an actual windows machine before you try it on this box. it will save you massive headaches
Requires a shell? I’m trying to show the content of root.txt with r***s but I’m not sure if with that command is enough.