Access

1202123252640

Comments

  • Hi, scanning using nmap and it show f** and t****t is closed, it is ok? I read some post in this thread they login to f** then download something. anyone can give me hint?

  • @darkcyber said:
    Hi, scanning using nmap and it show f** and t****t is closed, it is ok? I read some post in this thread they login to f** then download something. anyone can give me hint?

    nevermind, wrong thread. I should this is about Access machine, not Active machine.

  • I wouldn't have figured to use r**** without the hints here. What was I supposed to find on this box that would've led me to try using this tool on my own?

  • Yo guys,

    I'm stuck on what i believe to be the last part of root priv esc. Found the Z********** flaw but struggling to leverage it. Advice would be appreciated!

  • finally got the privesc after WAY too many hours. figured out what i probably have to do in the first 15 minutes, struggled with the rest for wayyyy too long

    do yourself a favour and try whatever you're doing on an actual windows machine before you try it on this box. it will save you massive headaches

    0x41

  • edited December 2018

    @rowbot said:
    Looking to learn a lesson here. For PE, how did you know to use R? I take it the Z was a rabbit hole?

    I have the same question. Without the ton of spoilers on this forum how would you have figured out that the command mentioned everywhere was the PE vector ? After I enumerated the box It didnt look like the PE was thru an obvious PE Exploit because the box was fully patched but other than that nothing hinted at this being the route to PE.

    Thanks!

  • edited December 2018

    r00ted! thanks to @YellowBanana and @numbfrank

    if anyone goes for the r***s option look for the manual! and syntax syntax syntax. Even though I though I had everything correct there was a small piece missing.

  • edited December 2018

    Hi everyone,
    I am still stuck after getting the password from the pst file. I don't know where to find the "security" account. Please can I get a hint.

    My bad, I found my mistake

  • @0x41 said:
    finally got the privesc after WAY too many hours. figured out what i probably have to do in the first 15 minutes, struggled with the rest for wayyyy too long

    do yourself a favour and try whatever you're doing on an actual windows machine before you try it on this box. it will save you massive headaches

    Requires a shell? I'm trying to show the content of root.txt with r***s but I'm not sure if with that command is enough.

  • i would suggest to understand what stored credential is in the windows server

  • Yeah!! Finally got root! thankyou all for the hints!

    See Ya!
    0xdebe

  • I've been stucked for days on this box. Tried every r***s variation, but prompt doesn't show anything.
    I know that i am on the right track because of the c****y command.
    Can someone PM me please?

  • Anyone have any hints for PrivEsc? I owned user and am attempting to use r**** to spawn a admin c** shell so I can access the admin dir, I keep getting prompted for password though so I am sure that my syntax is wrong for the command

  • Rooted! Thank you @MrFlash24

  • Feel free to PM me if you're running into issues.

  • I need help with privilege escalation I do not know what to do, someone could guide me

  • Got system.cant read flag,pipe ,echo, transfer nothing. R***** works , i can see new instances spawning but cnt get it to echo flag ....

  • Hi guys, my first call for help! With Access box - I have used runa got access to folder of root, taken ownership, used cacls etc. If i do a dir /q it shows security is the owner but i can still not read the file. I have tried redirecting trough runa* also but with not success. Would appreciate if any 1 can give my a hint of what i am doing wrong.

  • edited December 2018

    (3) Finally Done
    in 2 days

    ASHacker

  • @0xlc said:

    @jownz said:
    anyone got some tips on the initial 2 files? I know you have to analysze one, but one seems locked and one segfaults while analysis....

    check if you get it properly. check the size on the *** server and yours.

    i got it using nemo file manager insted of classic way. with *** they were corrupted.

    Thanks!
    +1

  • im getting this error
    offset 7585302654976 is beyond EOF
    Segmentation fault (core dumped)

    when try to open b**.mdb using mdbtools. any hint as to how to resolve this?

  • Alright, I am rather stumped! I have Owned USER and I am hours into trying to figure out privesc to absolutely no avail I have tried to te several of the d files and have found a few that I cannot t**e as well I have tried using a few BF exploits and nadda. If any of you geniuses get a moment and feel kind, a PM hint would be absolutely phenomenal and Im sorry to bother you guys as I prefer to figure this out alone!

    Thanks and I look forward to ANY help!

  • @Malone5923 said:
    im getting this error
    offset 7585302654976 is beyond EOF
    Segmentation fault (core dumped)

    when try to open b**.mdb using mdbtools. any hint as to how to resolve this?

    So try to re-obtain your file with a different command and pay close attention to the output. Once that is done look for the m**T***s and enjoy!

  • @ASHacker said:
    3. Finally Done
    in 2 days

    Well Done, I am 3 Days into this monster and only owned USER. IF ya have any hints please dont be afraid to shoot one or two my way! Thanks

  • @Malone5923 said:
    im getting this error
    offset 7585302654976 is beyond EOF
    Segmentation fault (core dumped)

    when try to open b**.mdb using mdbtools. any hint as to how to resolve this?

    you know, when you are trying to download file it is downloading in different format. try to download file in different transfer mode of ftp.

    ASHacker

  • edited December 2018

    Finally rooted... I made that much harder at the end than really needed... I am avaible for pm if nudges are needed.

  • Hi guys, I'm new to pen testing and trying to give it a go on this machine, i got access to the A***** *******l.zip and b*****.mdb files but i'm having trouble to open both of them. I tried some options but in vain. Could anyone point me in the right direction or any hint which tools i should use? Thanks

  • @yayo86 . Google how to open mdb files

  • Great box. But I was very slow to solve this. I really learn many windows commands .
    It's was very funny and interesting.
    Thx for makers.

    Hack The Box

  • can the root.txt file be found without a shell?

Sign In to comment.