Jeeves Priv Esc

@NinjaRockstar said:
Where the ■■■■ is the flag? I have admin shell, but the root flag is hidden?! That sucks.

Play with the parameters of the directory listing command, you should see something somewhere.

@kamee said:

@NinjaRockstar said:
Where the ■■■■ is the flag? I have admin shell, but the root flag is hidden?! That sucks.

Play with the parameters of the directory listing command, you should see something somewhere.

Got it! Thanks!

hello can someone (PM) hint for priv escalation on this box?
thank

I need help. I’ve cracked the .k open, and pulled out hash:hash but nothing i’m trying is working on these second hashes. Been trying for days now with both John and Hashcat.

Can someone pls PM me too? I got the same issue as Cubefarm. Can’t crack the hashes. Tried a lot of wordlists

I’m having the same issue as Cubefarm and Saligia, any hints? Every time I try to use runas a new line starts before I can input any creds.

NVM got the root flag

Have reverse Powershell. Found an interesting file. But no clue how to copy files from Jeeves to my machine? Can anyone point me in the right direction?

Anyone can PM me if they have problems with this device willing to help with any questions :slight_smile:

Hi, I am Stuck on Jeeves. Got user.txt, found .k*** file,cracked it , found password. Open .k*** file to get lot of passwords but none of them are working for Administrator (tried with PsExec Locally). Not sure where i missed. Can you give me some hints as to what is next. I have just started PT,so consider me a noob

@darkoria said:
Have reverse Powershell. Found an interesting file. But no clue how to copy files from Jeeves to my machine? Can anyone point me in the right direction?
Find and use nc.exe from your kali and upload that to box, than use nc.exe to transfer files you need to your kali .Good luck

Have the interesting file, have cracked, and tried a few techniques to get SYSTEM but none are working. Can anyone give me a hint on what technique I should use?

@sheeets said:
Have the interesting file, have cracked, and tried a few techniques to get SYSTEM but none are working. Can anyone give me a hint on what technique I should use?

Read this

http://www.harmj0y.net/blog/penetesting/pass-the-hash-is-dead-long-live-pass-the-hash/

I am Administrator and System but cannot find the root.txt – I found a file telling us to look deeper and I tried various things with no luck. Any pointers?

It is there. But you do have to look deeper. Last night I spent some hours studying that, but difficult to give any pointers without a spoiler.

do we need a key file as well to decrypt db?

nope

@blackangel said:
nope

Thanks, for some reason when I show the cracked it appended ?: before password.

i am trying to run rotenpotato on Jeeves …and i am getting this error …I am doing exaclty what ippsec done in his wlakthrough

meterpreter > execute -cH -f rottenpotato.exe
[-] stdapi_sys_process_execute: Operation failed: The version of %1 is not compatible with the version you’re running. Check your computer’s system information to see whether you need a x86 ; or x64 ; version of the program, and then contact the software publisher.

meterpreter > sysinfo
Computer : JEEVES
OS : Windows 10 (Build 10586).
Architecture : x64
System Language : en_US
Domain : WORKGROUP
Logged On Users : 1
Meterpreter : x64/windows

Hey there, @sillydaddy ,

I found after failing at your point that downloading the exe file with right-click on the github file was misleading to this.
To avoid it and make it work, you have to clone the repo, and upload that file.

That fixed it for me.
Hope you figured out how to fix it since last year, and that it can helps other with that probs.

Happy hacking, cheers