Access

13435363840

Comments

  • Type your comment> @pingunrchable said:

    Type your comment> @Retsurai said:

    So grabbed the A*****.z** and M** files. Went back an have tried redownloading them using the b***** setting, but fcrackzip using rockyou is failing to find the password for the Z** file. Is there something else I'm missing?

    Go through the M files. It's painful but you will find what you need.

    Haha, thanks a ton. Took about 20 seconds to find the password. Not sure why it didn't occur to me to just take a look in the M**

  • Type your comment> @Retsurai said:

    Type your comment> @pingunrchable said:

    Type your comment> @Retsurai said:

    So grabbed the A*****.z** and M** files. Went back an have tried redownloading them using the b***** setting, but fcrackzip using rockyou is failing to find the password for the Z** file. Is there something else I'm missing?

    Go through the M files. It's painful but you will find what you need.

    Haha, thanks a ton. Took about 20 seconds to find the password. Not sure why it didn't occur to me to just take a look in the M**

    No problem! =)

  • My HTB first challenge. I scanned nmap. I've tried h... ports M...... at metasploit. But could not challege. What i mistakes. Can you help me ?

  • After posting a scream for help yesterday, I've figured out where in the command I have got wrong and finally got root.txt!

    Alot of thorough reading of MS documentation and experimentation has gone into breaking into my first box!

    Overall good experience in the CLI side of Windows which I would have never touch or known about.

    PM me if you require some nudging. =)

  • got the access to sec**** account . now how to do priv esc

  • rooted, if need help, pm me

  • Having trouble with the r**** command, would appreciate a nudge in the right direction.

  • Type your comment> @darkvampire said:

    USER:
    To get the user the main advice is to be aware of the output of the commands you make. If your files are corrupt (100%) it is because you do not pay attention to the commands' warnings.
    ROOT:
    Look all the users directories, u will find a interesting command that u need to use. Obtain a shell and download the file that u need. Thats all.
    GOOD LUCK

  • Completely stuck on root... is anyone willing to help?

  • I've given up on this... I've read countless forums, documents, and anything else I can find to help. Including here. I just can't grasp the concept and will no longer waste my time.

  • edited February 2019

    Hey, everyone. This is my first box and I could really use some guidance. I was able to get user, but am running into some weird issues with getting root. Sometimes, I can use the proper syntax to get an elevated prompt. From there, I can navigate to the root flag and change permissions and all that. I can't read the file, and I'm working through figuring that out, but it's very hard to make any progress across box resets. It seems that every so often, my privesc command won't allow me access when I am positive that I know it works. I can reset this box myself and my commands will work every other time or so. Is this supposed to happen? Tell me if I'm missing some crucial information. Thanks!

  • Wow, I finally managed to get the root flag. You have to keep messing around with r**** until you get the correct way to do it. Also, focus on t****t, and ask yourself why you don't get any output, and figure out a way to read the output somehow.

    This is a frustrating machine, but once you get the root flag, it feels great hehe. I learned a lot about windows with it, great job to the one who created it.

  • For those who need a hint with privilege escalation, on the desktop of a user is a file that gives you a hint. Maybe with your own file instead?

  • I rooted the box by using r**** and giving myself the necessary tools to do the job (if you know what I mean). If you got the privesc with a different method, PM me!

  • Finally rooted! It is amazing how forgetting one argument of the most used dos command makes you waste hours!

  • I obtain user and root in Access, its a great machine, now go to the next box!!

    see you

  • Great machine to learn basic priv esc skills (which I discovered I lack). PM if you need a hint.

  • edited February 2019

    Hi all,

    I am really new to this and need some help. I did port scanning and found 3 open ports.
    from what i read in other comments, i am on the right track. managed to look into h... link, but im stuck.. not sure what tools to use for f.. port. i tried using telnet and nc into f.. port, but require username and password. do i need to exploit this port?

    not looking for a solution, but learning the concept.

  • I have managed to access f** as an******s, but cant seem to find anything.. try using raw FTP commands like NLST, STAT and etc.. nothing.. am i missing something here?

  • Try your more basic MS DOS commands

  • Rooted! Too late in the game.. but it was a fun fun box. Learnt a lot.

  • Hi, im new to the boxes i'm not getting the process perfectly. the only thing i have done so far is anonymous login with ftp. No clue so far. Can anyone give me an advice for this.

  • Can I get a PM? I've been working on this box since about mid-December. I have user, but my r**** command works on and off across resets. Can't figure out if I'm doing something wrong or if it's coincidental/intentional. Any help is appreciated. I've done so much research and I'm starting to get burned out. I don't want to quit and start on another box..

  • Type your comment> @freakinglord said:

    Hi all,

    I am really new to this and need some help. I did port scanning and found 3 open ports.
    from what i read in other comments, i am on the right track. managed to look into h... link, but im stuck.. not sure what tools to use for f.. port. i tried using telnet and nc into f.. port, but require username and password. do i need to exploit this port?

    not looking for a solution, but learning the concept.

    Yes, you need to use f**. Linux has a built-in command for that. Your t***** access depends on what you can glean from the files obtained through f**

  • Type your comment> @chonha57 said:

    @Scalpel said:

    @chonha57 said:
    Hello! I trying read the b*****.m*b but is corrupted... Any suggestion?

    Download it again - in another mode.

    Works! Thanks

    I downloaded in b***** transfer type and verify the file size is the same.. but then what? i opened using mdb-sql, but not sure what to look for.. seems gibberish..

  • Got root. Thanks for all the hints.

    I got the root flag but not a root account. I tried to create it the same way I got the flag unsuccessfully...anyone wants to share how they did it in PM?

    HINT: For all those saying that the command was not working and suddenly it was, in my case, it was a problem with the quotes (") and the shell I was using...

  • I'm a new "hacker" and I was wondering what to do once I got to f** and get the 3 files, I cant access one of them, the other looks corrupt and the t***.txt is really confusing. Any tips help, Thanks.

  • Hi all, so i am super new to hacking and HTB, love it so far this box has already taught me much, i have user flag now, but i have to admit i am too much of a noob to do the privsec, i tried using other Technics i have learned via the 2 other boxes i have taken (easy retired ones) to try an get a reverse_*** on to the system, but i have no clue hehe. so if anyone feels generous and want to take a poor noob under his wing please PM me :P thanks.

  • edited February 2019

    I'm stuck at the having the data from the M** and accessed P** file, any tips?
    Data does not seem to work on any of the services.

    edit: have T***** access now, switched from UPD vpn to TCP which improved things alot.

  • edited February 2019

    I have access to the box, but the flags on r**** aren't working at all. No output from dozens of variations of the command even after resetting that I do get output from on a local instance of Windows. Is something broken here? Please PM me if you had something similar happen, or have any other pointers for me.

Sign In to comment.