Access

Well, that was some run ^^ r00t3d ^^
Just looking back at my commands history it looks soo simple → yeah first time ever gone into penetrating. Commands were a nightmare but google helped :tired_face:
If anyone wants some help go on PM me but I’m not giving 100% that I will help you since there are many ways to get this machine done :+1: just went the “just go by the flow” and it aimed me into beating this one :smiley:

As others wrote
“Keep the command simple” no need for 100+ chars ones,
“Plan ahead” what you want to do, obtain,
“Keep track” of successful commands this will help you a lot,
“…ManyMore…” - play around with commands in your VM boxes its way faster than in a machine,
“For root” just make easy .bat file with ru**s and catch that root hash :+1:

If you are looking through this discussion you will get root pretty fast just watch out for the sequence of doing things.

Was fun for the first machine now onto a little bit harder :relaxed: G00D L: :CK!

Thanks to @xSupeFly for the last hint to get root in PM!

Like some other guys here, im interested in how we knew that we were supposed to use r***s, this was second time enumerating a windows box for me, and got a little to much help from this thread. Please PM me if you could explain :smiley:
Learned alot but doesn’t fully understand the box!

Thanks @xSupeFly that bat tip really made a difference!

Owned root. My first htb machine. It was interesting though! Thanks to the people in the forum, it was very helpful to know that I was in the right path.

Hey all, does R***s require a password?

Hello Everybody! Need some help with Privesc pleeease!

I’m feeling pretty dumb here; I am looking at 3 user accounts and passwords that don’t work for telnet or FTP. What am I doing wrong? Do I need to do a file inclusion exploit to get access?

EDIT: wow, nevermind, got it.

Hint: You just need the right tools to get user. Don’t think too hard.

EDIT: Alright now I’m banging my head against the r***s command time and time again. Please PM me with any tips. I’ve seen lots of “check your syntax” and “really understand the flags”, but I’ve tried maybe 50 variations of the command from my shell with zero love…

EDIT: Got it, finally, with some wonderful help from @summerboy and @AlexZander. HMU if you want some pointers.

Finally got root! If you are stuck, PM me and I’ll give you a hint to point you in the right direction.

hi, could someone please just check with me in PM? I think I am using the right command but maybe something wrong with syntax. I have user.txt. successfully added myself to admins and now trying same way getting root.txt but can’t tell what I a doing wrong. tested on my machine and the commands worked fine.

nvm…bad syntax

Hello,
manage to get both files and read the content of the table U***INFO. However when i try the passwords found to unlock the AC.zip file, it doesn’t work… Am i looking in the right table ?

Thx

EDIT : got user, it wasnt the right table…

r00ted !

I’m just wondering (because I rooted this box thanks to the hint given by the others) how are we supposed to know that the r***s command should be used to perform the privesc ? is it something common to become root ? because i have to admit that without this hint, I wouldn’t have succeeded.

@BIGGYBBQ said:
r00ted !

I’m just wondering (because I rooted this box thanks to the hint given by the others) how are we supposed to know that the r***s command should be used to perform the privesc ? is it something common to become root ? because i have to admit that without this hint, I wouldn’t have succeeded.

There’s a hint lying around on the system in the form of a shortcut with that syntax.

Heya lads!

First box ever here.After a scan , logged in on a certain service .Then found two files which I then imported back to my computer.However , the .m** one seems to be corrupted or incomplete , as it is unreadable both on Windows software and online converters.Could I get a wee hint on that one , please?

Still am not able read Root.txt.Tried numerous variations of R**A* Command but no luck.If anybody wouldbe kind enough to discuss can please PM me…I can show you the syntax.

Hi Guys. I’m stuck at the R**A* syntax. I tried different options but no effect. anyone mind PM me to drop me some hint? I can show you the line i tried. Thanks in advance =)

I have user… but dont root :frowning:

Hi all , Ive got root and User but i am stuck with the Certutil.exe command on windows . I get this error each time i try to run the command .
Any Suggestions to why this strange error would be amazing :
**** Online ****
CertUtil: -URLCache command FAILED: 0x80072efd (WIN32: 12029)
CertUtil: A connection with the server could not be established

I noticed i couldnt ping the host machine from the victim .
Can anyone PM for solutions please :slight_smile:

Which program did you use to open *.mdb file? Can anyone help? I am using Parrot OS
Edit: NVM, I got it

@SSJ26 said:
Which program did you use to open *.mdb file? Can anyone help? I am using Parrot OS
Edit: NVM, I got it

mdb-e****t ***.mdb

Hey guys,

Well, I rooted the machine and it was very interesting to learn the way how you need to do it. I got the R**** command working but just not comfortable because I did not find the hint that a lot of people found about why to use that command. If someone can please PM me about that, it would be nice.

EDIT:Never mind! I found the shortcut that everyone was talking about. I remember I saw it but did not pay enough attention to it. Well, BIG lesson learned here. Again, you need to be detail oriented to don’t waste time when things are just right there.

Thanks,

PP