Netmon

Constant restarts and password changes making it difficult to get root.

I have accessed user.txt.
Got into P*** admin, set no****** para****but not able to create user.
Am I in the right track?

For everyone that needs help - look into the code of the exploit thats giving you user access. Its creating a username and password using a file naming scheme thats baked into the exploit. Its possible your exploit is getting overwritten midway by another user given how popular this box is.

As for logging in with it - its not an FTP user that youā€™re creating. Youā€™ll need to find service thatā€™s running to test your login with.

@ytho thanks for your post.
I have been trying what you have mentioned for the last couple of days with no success.
Are you able to PM me with another hint.

Finallyā€¦one step closer. Thanks @PavelKCZ for the hint.

Now my problem is Rev***TC session dies every time :frowning:

BTWā€¦Thanks @PavelKCZ for the hint.

Woohoo! Got root and user.
Good starter box.

PM me if anyone need hints :slight_smile:

Hello, I have got the user hash and have got access in F** as a user however I am confused where i should look for the Root creds. Can someone please help me with this as iā€™m stuck ?

For root,
Here are some tips:

  1. Identify other services that are running apart from that on p80
  2. Google vulnerabilities of the app version running on the box. Through this, you will get access to the app.
  3. After that use hint from @PavelKCZ.
  4. Get into the box via the service identified in step 1 above.

Hope this helps.

About root access, I was able to recover the password (or at least Iā€™m pretty sure it is correct) but I couldnā€™t log in, is this normal?

Should it be used for the exploit only?

Please, for the love of all that is unholy, stop changing the creds and STOP THROWING THE DOS

Type your comment> @shellsmoke said:

Please, for the love of all that is unholy, stop changing the creds and STOP THROWING THE DOS

Seriouslyā€¦ Itā€™s more frustrating than not getting the root hash lol

This box is definitely making me work!

Edit: Rooted!

As most have started above I was able to get User pretty Easy. Iā€™m having trouble getting Root however. I was able to find the ā€œblog postā€ but canā€™t seem to get it to work properly. Any help would be appreciated!

Need some guidance if anyone is willing to assist! Been trying to get root now for a couple of days and itā€™s killing me. Iā€™ve kept a list of avenues Iā€™ve been looking into, I would like to know if Iā€™m on the right track or not.

@und3rsc0r3labs said:
As most have started above I was able to get User pretty Easy. Iā€™m having trouble getting Root however. I was able to find the ā€œblog postā€ but canā€™t seem to get it to work properly. Any help would be appreciated!

was finally able to get root after multiple days!

best advice I can give is read read read. I tried to rush things because it was marked ā€œeasyā€. After getting stuck on multiple things I stopped and started reading parts of the application I was messing with and everything slowly started falling into place.

Type your comment> @PurePi said:

Woohoo! Got root and user.
Good starter box.

PM me if anyone need hints :slight_smile:

bro in netmon active mission.i cant find there root.txt in this mision please give me a hint.please

please little help on root here: im logged in as an authenticated user to the ovbious pannel and i know RCE vuln is available ive enumerated and know exactly what to do however the problem is im not usre how to do that in terms of the HTTP Sensors etc please can some one help me or hint me

If anyone is giving FIreeyeā€™s Commando VM a tour when doing this box, make sure you donā€™t accidentally let Windows Defender block a key application. Wasted 30 minutes as to why **p commands were only partially workingā€¦

Type your comment> @blackbestbb said:

Type your comment> @PurePi said:

Woohoo! Got root and user.
Good starter box.

PM me if anyone need hints :slight_smile:

bro in netmon active mission.i cant find there root.txt in this mision please give me a hint.please

@blackbestbb root.txt can be found in C:\Users\Administrator\Desktop directory on all Windows boxes.

I used the exploit and it says the user is created but when i try to exploit S** port with W***xe it says authentication failedā€¦

Any tips on what is going wrong? I think the user is not properly created :frowning: