Guys about the wordlist as it’s taking a lot of time, you can intelligently create a “subset” wordlist from rockyou depending on the box. Sometimes it’s important to narrow down your resources.
Anyone wanna PM me a nudge for this, i can create sublist no problem. But intelligently ? based on what?
I’m stuck after user. I do have a password which doesn’t work on the system but allows me to get access to another service that contains something interesting, but I’m failing hard on reading it. Can someone PM me?
User was great, I have learned some tricks to play with J*** d**************.
After you get some pings, getting a shell is a bit hard because you cant see why some commands fails. Common shells does not work, try to get a more ofuscated one or bypass some Windows checks.
Root was easy once you see it, but took one day to realize that part.
Ive had a fun run at this machine so far. I was pretty sure of the attack vector within a few mins of enumeration. Unfortunately its an attack Ive been pretty terrible at historically ,so I welcome the chance to further my skill set .
That being said I have had a weird experience thus far. I found the encrypted file pretty quickly. I ran strings and binwalk against it and found some info, before I ever cracked it! Even after cracking it…all I have is the same info?! Is this by design? DId the box creator throw this out as a red herring? Sorry if ive said too much. I dont want to spoil anything, but I am curious if anyone noticed the same. Feel free to pm me to discuss.