Conceal

@LegendarySpork said:
@opt1kz said:

I wrote a script that waits for a connection and then just sends a shell command

nc -z works great as a "tcp ping"

Hm. That's interesting. I never noticed that flag, to be honest. Googling and playing around with it a bit and you could probably use this too, you're right. Neat.

For me it was easier/quicker to just whip out Python and do it that way (it was all of ten lines), but this netcat feature could be useful in the future, so thanks!

TCP ping 4evR

while :; do nc -z 10.10.10.10 21; sleep 10; done

Another good use – I use nc -z flag for scanning whenever transport is limited somehow and nmap isn't reliable. I used this on another active box recently.

Can someone PM me? I'm having some trouble talking to president Eisenhower. I've never done it, I've already installed more software on my computer than I'm really happy with, and it's making me feel all sorts of stupid.

@LegendarySpork said:
TCP ping 4evR

while :; do nc -z 10.10.10.10 21; sleep 10; done

Another good use – I use nc -z flag for scanning whenever transport is limited somehow and nmap isn't reliable. I used this on another active box recently.

For scanning via nc I always add -w 1 so I don't have to wait for longer timeouts and -vn to get results and omit DNS resolution, e.g. scan for the first 100 ports:

nc -zvn -w 1 1.2.3.4 1-100

@spoppi Yes, agreed, that timeout is important for scanning. Also for those following along at home, notice that @spoppi didn't need to write the iteration over ports because nc does that. (The reason I had an iteration was because I was periodically pinging a single port.)

Rooted ! :smiley:

how is everyone getting a P*K without Agg***ive mode? :confused: I can only get M*in mode h******akes… Do I have to guess / brute-force the gr**p id?

@quas said:
how is everyone getting a P*K without Agg***ive mode? :confused: I can only get M*in mode h******akes… Do I have to guess / brute-force the gr**p id?

you need to enumerate a bit more

LAME LAME LAME REALLY. I have been on privesc for almost 6 days. I am doing it right, it's just the stupid thing does not work for me while it works for some of my friends!

@Blkph0x said:

@quas said:
how is everyone getting a P*K without Agg***ive mode? :confused: I can only get M*in mode h******akes… Do I have to guess / brute-force the gr**p id?

you need to enumerate a bit more

thx! got it! for some reason nmap was failing me :confused:

Can someone give a hint on privilege escalation? Tried the famous framework but it's not working.

Someone give me some hint on that box. I found a hash or some user using SN** enum, tried ik*fo** but didn't get anything. I need some technique or keyword for a Google search :cold_sweat:

G0t user, that was fun! Except the config part

Struggling with Privesc on this one, could someone kindly PM to discuss?

Wow, what an adventure this box was. The first part was insane. Root was more conventional but still had many troubles getting it to work.

I got the conn successful, I can browse but I cannot perform any scan after connection. Did someone have a similar issue connecting from Linux?

Use connect scans (nmap -sT, …). Will probably help. Another thing: you won't see more open ports than you saw from the service where you found the credentials for the connection :wink:

Working on the first part and trying to connect. Kind of flying blind with my configuration files and command options though. Upon executing c*****-**d my packets get sent but from the output they aren't being accepted. Eventually the application reports the "peer is not responding" and the application quits. Also I see that the application is connecting to a related yet filtered UDP port (per my Nmap scans). Is this normal behavior? Any hints via DM would be appreciated.

I have something that looks like a connection but very volatile. Could someone provide me some documentation? I'm a bit lost: 1 up 0 connecting

EDIT: a reset did the trick

can someone pm me? I need help with the initial setup of the VPN.