Jeeves root.txt

Thank you, @blobbo. Finally got what I was after. Very cool what the creator did with the thing. I had no idea that was possible on Windows.

@blobbo said: Research possible ways to hide files on a windows box.

The rules stand with this machine, I wasn’t thinking outside the box… so to speak!

@modevius said:
are you saying that root.txt is NOT in the Desktop of Administrator. The rules say that is where it is supposed to be.

You have everything you need @modevius

@modevius said:
I am still stuck trying to get rights to see the directory/priv esc. I got shell, i got meterpreter, I cracked a file and tried all of those passwords. II am not sure if these are rabbit holes or part of the solution.

one hint from me … research more about methods of hiding files … attrib is the wrong way … this cost me much time

alamot kind of a hint :wink:

Spoiler Removed - Arrexel

I’m also having the same problem as above. Can’t figure out what to do with the information I’ve gotten in the file.

give a further read through the forum, theres more than one jeeves thread and the answer to this question is there

ok ok - been at it for a while now - been down a heap of rabbit holes - leant heaps - way too much about somethings - but i guess that is part of the fun…but…cant get priv on jeeves - i think i have everything i need - got reverse shell, meterpreter, tried all the exploits but no love to priv esc 8-(…got user.txt, found the uncrackable file - but cracked it - which was great fun !!! - found the contents and from the thread it says it obvious what to do when you look at the content - one will stand out ? i have tried all the psexec pth etc etc - just cant see how to use the contents to priv esc - i know there are a few more hurdles once i get admin to find root.txt so can someone PM me so i can move to the next challenge and learn like we all want to do ? i am sure it is something that i am obvious ? @hackthebox6969

useful script: GitHub - byt3bl33d3r/pth-toolkit: Modified version of the passing-the-hash tool collection made to work straight out of the box

For learning: http://www.harmj0y.net/blog/penetesting/pass-the-hash-is-dead-long-live-pass-the-hash/

re-check your steps…or perhaps check your assumptions.

@ Saoirse - your a champion - thanks helps - got the final flag…this was a great challenge and worth the time for those still pulling your hair out…learnt heaps…everything is in the forum - in riddles and you need to read things several times but worth it…i need to get the Aussies up in the country ratings… so now onto root Bashed

Could I pm someone, got shell, meter, file… need a nodge at crackin’ the file… thanks

@obwanken00by said:
Could I pm someone, got shell, meter, file… need a nodge at crackin’ the file… thanks

Whaa all fine:
Session…: hashcat
Status…: Cracked

Jee would still need a slight poke on this, got everything, figured out the needed info from the loot, confirmed it works but can’t find a proper way of using it… thanks for any PM…

@obwanken00by said:

@obwanken00by said:
Could I pm someone, got shell, meter, file… need a nodge at crackin’ the file… thanks

Whaa all fine:
Session…: hashcat
Status…: Cracked

im still cracking… and cracking… can someone pm me ? dont know what im missing except a slow computer

If it takes you more than a few minutes to crack, you’re either trying to crack the wrong hash or using the wrong wordlist

right - got it know; thx. Lets say i tried it the wrong way

Someone can give me a hint about how I get access to the machine? I’ve found port 50000 but I don’t know how to access. Help a noob, please haha…

You can use your browser

@Skullsec said:
Someone can give me a hint about how I get access to the machine? I’ve found ------- but I don’t know how to access. Help a noob, please haha…

Dont forget you can do simple things to see what ports do. Like netcat to it and send it a hello. See what it says. Sometimes they respond and tell you what they are.

@Skunkfoot said:
You can use your browser

I used and tried some things, but no success. I don’t know how to do…