I can upload files and get a shell fired up, but I cannot interact with it. I try to even run a DIR command, and it seems to freeze, then after a few seconds, the shell drops. Someone PM some hints on a stable shell to use?
EDIT: Got a stable shell and user.txt. Learned a new method on that one! Now for root!
I am able to launch “b***.exe” and I also ran enumeration on that x side, but still not seeing the way to get elevated Admin access on the W** side. If you guys can give me a little hint it will be appreciated.
Thanks,
PP
EDITED: There is a very good hint on previous posts! I got “root” and learned that all files needs to be carefully reviewed, even those that you think “nah, that file has nothing!”
Would really appreciate a PM to discuss what I am doing wrong here.
I have created a VM on my side and installed the same “things” on the VM to mimic secnotes. I can get the reverse shell I want from my VM, but I cannot do the same with secnotes. Is my shell just not stable enough to run either of the EXE’s I am trying to run?
The four-letter EXE with no args runs fine on my VM, but kills my reverse shell when trying on secnotes. The six-letter EXE with the “run” flag does the same. No matter what I try, I cannot keep my shell alive.
EDIT: It was the reverse shell I was using. I had the “official” version from their site, but I grabbed a different version from GitHub, and it is now stable enough to run the four-letter EXE without crashing.
@MakoWish said:
Would really appreciate a PM to discuss what I am doing wrong here.
I have created a VM on my side and installed the same “things” on the VM to mimic secnotes. I can get the reverse shell I want from my VM, but I cannot do the same with secnotes. Is my shell just not stable enough to run either of the EXE’s I am trying to run?
The four-letter EXE with no args runs fine on my VM, but kills my reverse shell when trying on secnotes. The six-letter EXE with the “run” flag does the same. No matter what I try, I cannot keep my shell alive.
Seconded. I can get the four-letter exe running with no args but am not seeing how I can get Admin from that. Will keep poking if people would stop resetting the box XD
Just rooted! It wasn’t what I expected for privesc but I guess I’ll know better for future machines. For those needing that last nudge on privesc (assuming you’re already onto a certain feature in this box) think of what’s unique to this feature.
Feel free to PM
@CarterJ said:
Hey guys - would like a little bit of help please - managed to login to a particular service using some creds - cant seem to get any further!
@EthicalHCOP said:
jajaj lol someone can give me any hint with the s**i ?? i’m crashing the server with my commands !
Don’t over do it… most s**i cheatsheet docs will start with something simple and work up in complexity… I wracked my brain on this for several days and then it finally clicked when I simplified my approach and went back to basics.
Beautimus! Finally got root! I spent almost a week and a half on this one.
Thank you to @dplastico for the link that taught me exactly what I needed to learn. That was the exact “nudge” I needed. Bookmarking that one, for sure!
Anyone able to hint on root would be fabulous. I think I see what to do, but can’t past either errors in my very simple shell or “Windows s******** f** l**** has no installed…”. I’ve even tried to install but still no luck, really lost on this!