I hasn’t able yet to find a more privileged user… you had found it?
well I found a way to find “who” has elevated privilege through an “API” but that’s it.
I can login with 3 users, one of which has API access. I’m getting the same file not found error.
I know what I need to do with the API, found a script to run against it, but no dice for over an hour now. Any tips?
One of the notes after logging in gives F*P creds. Has anyone seen that service running?
F**ck windows and bill gates, im stuck as nt authority/system for 5 hours and cant read users txt files.
Nice box so far!
Can anyone give me a nudge on getting logged in? I can’t find creds anywhere. Thanks in advance
Type your comment> @FlameOfIgnis said:
F**ck windows and bill gates, im stuck as nt authority/system for 5 hours and cant read users txt files.
ahhahahahahahahaha
to get creds do we need bruteforce ?
Spoiler Removed
Any joy with the P vuln? I’m having a crack with Burp Repeater but its sooooo slow. Any alternatives?
Ignore me. Found the obvious alternative
hmm… well that didn’t work! Back to the drawing board.
Presumably @egre55 is chuffed that still no blood has been spilt yet! Tough box…
Hats off to @xct for first blood! I thought I had this thing twice only to end up at deadends. I have to take a break from this one before I go crazy.
@incubus said:
Hats off to @xct for first blood! I thought I had this thing twice only to end up at deadends. I have to take a break from this one before I go crazy.
I’m right there with you; I had a few breaks, only to be met with a roadblock.
F**ck windows and bill gates, im stuck as nt authority/system for 5 hours and cant read
users txt files.
Okay, i found out why that is. Im sorry bill gates, you are cool.
Finally got both flags, what a ride… Congrats to @jkr and @xct you guys are beast. Thanks to @egre55 for the amazing box.
Never thought i would say it, but here it goes…
Got root flag, working on user now.