Thanks to @mcruz and @peek I have secured the two uncles. Feeling a little stupid though as I can’t seem to figure out to make that one last step and get that elevated shell in spite of having the Admin Creds.
Update: Got the root flag. Will definitely try to see if I can spawn a shell with Admin privileges.
EDIT: Well got a root shell too using Im*****t, Guess that will be it for Querier. Wonderful box. Learned a ton.
Thanks @mrh4sh and @egre55 for the box.
Thanks @mcruz , @peek and @Malone5923 for the hints…
Though I have found the creds from the hash, I have no idea what the username is. I tried using Res****** as in the Giddy Up video, but I can’t get that to work, and Im****** tools doesn’t give me a user
Wait. Nevermind. I was just retarded.
Type your comment> @sportsfreak said:
Update: Got the root flag. Will definitely try to see if I can spawn a shell with Admin privileges.
EDIT: Well got a root shell too using Im*****t, Guess that will be it for Querier. Wonderful box. Learned a ton.Thanks @mrh4sh and @egre55 for the box.
Thanks @mcruz , @peek and @Malone5923 for the hints…
You are welcome
Can someone please PM me on how they did file transfers on this box? I have the m****-s** account, but I have no idea how to go from s** and file transfer to the actual server. I’ve tried p*sh, ftp, etc… Hints please!
can someone pm me how to find cred file what you guys mention, I tried many tools for smb port but nothing be shared
If your payloads for root aren’t working, this could be why: This script contains malicious content and has been blocked by your antivirus software.
Also, x*_c******* repeatedly gets disabled on its own after enabling. I assume for the same reason as above.
Still trying to get root… I have a feeling a facepalm will be in my future…
ignore
Got root.txt. This is one of the best machines in HTB. I learned a lot in Windows world. Thats my weakness. WIth Giddy and this machine. I learned a lot in windows.
Thanks for makers for your time and effore @mrh4sh and @egre55
Thanks for @1NC39T10N @Malone5923 and @LegendarySpork for hints and help during this machine.
PM me for hint or nudge.
deleted
You kids and your fancy modern technology for getting root. I just looked.
I have root, thanks a lot, if you need help, PM me.
Hi …
I got into SQL … trying to get a shell using x**l and nis …Getting a syntax error …Can anyone help me …Please pm …thanks
I have command execution using X**l
EDIT :- NVM …Got user shell!!
Type your comment> @sillydaddy said:
Hi …
I got into SQL … trying to get a shell using x**l and nis …Getting a syntax error …Can anyone help me …Please pm …thanksI have command execution using X**l
Did you enable it first?
Type your comment> @mcruz said:
Type your comment> @sillydaddy said:
Hi …
I got into SQL … trying to get a shell using x**l and nis …Getting a syntax error …Can anyone help me …Please pm …thanksI have command execution using X**l
Did you enable it first?
try help !
ok, stupid question … have another user with admin and his password (since i created him), how do i switch to him in cmd or ps, everything hangs on me
Type your comment> @ntroot said:
ok, stupid question … have another user with admin and his password (since i created him), how do i switch to him in cmd or ps, everything hangs on me
I’m having the exact same problem… let me know if you make progress
At last got root flag …
Would love to know how to get a root shell … Tried creating new credentials in power shell with two uncles and start-process to get a reverse shell