Access

Can I get a PM? I’ve been working on this box since about mid-December. I have user, but my r**** command works on and off across resets. Can’t figure out if I’m doing something wrong or if it’s coincidental/intentional. Any help is appreciated. I’ve done so much research and I’m starting to get burned out. I don’t want to quit and start on another box…

Type your comment> @freakinglord said:

Hi all,

I am really new to this and need some help. I did port scanning and found 3 open ports.
from what i read in other comments, i am on the right track. managed to look into h… link, but im stuck… not sure what tools to use for f… port. i tried using telnet and nc into f… port, but require username and password. do i need to exploit this port?

not looking for a solution, but learning the concept.

Yes, you need to use f**. Linux has a built-in command for that. Your t***** access depends on what you can glean from the files obtained through f**

Type your comment> @chonha57 said:

@Scalpel said:

@chonha57 said:
Hello! I trying read the b*****.m*b but is corrupted… Any suggestion?

Download it again - in another mode.

Works! Thanks

I downloaded in b***** transfer type and verify the file size is the same… but then what? i opened using mdb-sql, but not sure what to look for… seems gibberish…

Got root. Thanks for all the hints.

I got the root flag but not a root account. I tried to create it the same way I got the flag unsuccessfully…anyone wants to share how they did it in PM?

HINT: For all those saying that the command was not working and suddenly it was, in my case, it was a problem with the quotes (") and the shell I was using…

I’m a new “hacker” and I was wondering what to do once I got to f** and get the 3 files, I cant access one of them, the other looks corrupt and the t***.txt is really confusing. Any tips help, Thanks.

Hi all, so i am super new to hacking and HTB, love it so far this box has already taught me much, i have user flag now, but i have to admit i am too much of a noob to do the privsec, i tried using other Technics i have learned via the 2 other boxes i have taken (easy retired ones) to try an get a reverse_*** on to the system, but i have no clue hehe. so if anyone feels generous and want to take a poor noob under his wing please PM me :stuck_out_tongue: thanks.

I’m stuck at the having the data from the M** and accessed P** file, any tips?
Data does not seem to work on any of the services.

edit: have T***** access now, switched from UPD vpn to TCP which improved things alot.

I have access to the box, but the flags on r**** aren’t working at all. No output from dozens of variations of the command even after resetting that I do get output from on a local instance of Windows. Is something broken here? Please PM me if you had something similar happen, or have any other pointers for me.

Type your comment> @yayo86 said:

Hi guys, I’m new to pen testing and trying to give it a go on this machine, i got access to the A***** **l.zip and b.mdb files but i’m having trouble to open both of them. I tried some options but in vain. Could anyone point me in the right direction or any hint which tools i should use? Thanks

i tried transferring the A***** *******.zip… . bt i was not able to do so.

Type your comment> @freakinglord said:

Type your comment> @chonha57 said:

@Scalpel said:

@chonha57 said:
Hello! I trying read the b*****.m*b but is corrupted… Any suggestion?

Download it again - in another mode.

Works! Thanks

I downloaded in b***** transfer type and verify the file size is the same… but then what? i opened using mdb-sql, but not sure what to look for… seems gibberish…

I didn’t use mdb-sql, but two of the other mdb-*.

Type your comment> @Scalpel said:

Type your comment> @freakinglord said:

Type your comment> @chonha57 said:

@Scalpel said:

@chonha57 said:
Hello! I trying read the b*****.m*b but is corrupted… Any suggestion?

Download it again - in another mode.

Works! Thanks

I downloaded in b***** transfer type and verify the file size is the same… but then what? i opened using mdb-sql, but not sure what to look for… seems gibberish…

I didn’t use mdb-sql, but two of the other mdb-*.

same here …got stuck with extracting .Z**

Type your comment> @Tendel10 said:

I’m a new “hacker” and I was wondering what to do once I got to f** and get the 3 files, I cant access one of them, the other looks corrupt and the t***.txt is really confusing. Any tips help, Thanks.

I got user, I am wondering if going for root is realistic for a newbie. Thanks

Stuck on the Priv Esc any hints or nudges would be much appriciated PM me please.

When I connect to the telnet port, nothing is being output and no input is being accepted.

Never mind. It’s just extremely slow.

i got a user access. i am trying to get root access , if you can give me hints, it would be very kind of you. also, do anyone knows how can a open rdp portin a machine if i am using

I am new to priv escalation on windows and already owned user but i am trying to get root. I found out that with the r**** command you can run the f*** as other user but the output is empty. Cant see what is inside root.txt

Am i on the wrong way or doing something wrong?

Fantastic box learned a ton got User and Root shout out to @clmtn for helping me figure out the Priv Esc.

P.S. dont over think Root I was doing everything right for like an hour but it wasnt working on my VM so I didnt even try! But it worked fine on the actual box.

stuck at privesc, can anyone nudge me in the right direction? can’t figure out how to use runas

Type your comment> @NPCMaster said:

stuck at privesc, can anyone nudge me in the right direction? can’t figure out how to use runas

If runas isn’t asking you for password then you are using the command right. focus on what are you doing with it.