Netmon

Please, for the love of all that is unholy, stop changing the creds and STOP THROWING THE DOS

Type your comment> @shellsmoke said:

Please, for the love of all that is unholy, stop changing the creds and STOP THROWING THE DOS

Seriously… It’s more frustrating than not getting the root hash lol

This box is definitely making me work!

Edit: Rooted!

As most have started above I was able to get User pretty Easy. I’m having trouble getting Root however. I was able to find the “blog post” but can’t seem to get it to work properly. Any help would be appreciated!

Need some guidance if anyone is willing to assist! Been trying to get root now for a couple of days and it’s killing me. I’ve kept a list of avenues I’ve been looking into, I would like to know if I’m on the right track or not.

@und3rsc0r3labs said:
As most have started above I was able to get User pretty Easy. I’m having trouble getting Root however. I was able to find the “blog post” but can’t seem to get it to work properly. Any help would be appreciated!

was finally able to get root after multiple days!

best advice I can give is read read read. I tried to rush things because it was marked “easy”. After getting stuck on multiple things I stopped and started reading parts of the application I was messing with and everything slowly started falling into place.

Type your comment> @PurePi said:

Woohoo! Got root and user.
Good starter box.

PM me if anyone need hints :slight_smile:

bro in netmon active mission.i cant find there root.txt in this mision please give me a hint.please

please little help on root here: im logged in as an authenticated user to the ovbious pannel and i know RCE vuln is available ive enumerated and know exactly what to do however the problem is im not usre how to do that in terms of the HTTP Sensors etc please can some one help me or hint me

If anyone is giving FIreeye’s Commando VM a tour when doing this box, make sure you don’t accidentally let Windows Defender block a key application. Wasted 30 minutes as to why **p commands were only partially working…

Type your comment> @blackbestbb said:

Type your comment> @PurePi said:

Woohoo! Got root and user.
Good starter box.

PM me if anyone need hints :slight_smile:

bro in netmon active mission.i cant find there root.txt in this mision please give me a hint.please

@blackbestbb root.txt can be found in C:\Users\Administrator\Desktop directory on all Windows boxes.

I used the exploit and it says the user is created but when i try to exploit S** port with W***xe it says authentication failed…

Any tips on what is going wrong? I think the user is not properly created :frowning:

the user “sh4rk” put the root visible for everyone…

Stop resetting the ■■■■ box!
If you get to a point where things don’t work, and you think “I must have to reset the box to fix things”, there’s a 99% chance you’re wrong …

Type your comment> @PurePi said:

Type your comment> @blackbestbb said:

Type your comment> @PurePi said:

Woohoo! Got root and user.
Good starter box.

PM me if anyone need hints :slight_smile:

bro in netmon active mission.i cant find there root.txt in this mision please give me a hint.please

@blackbestbb root.txt can be found in C:\Users\Administrator\Desktop directory on all Windows boxes.

bro but administrator acess in denied bro what i can do bro

Total n00b could use some guidance on figuring out my first box.

First box rooted! Thanks all. PM me if anyone needs hints.

I need assistance. I feel like I should be able to use the new credentials I got as a result of the exploit, but it doesn’t work anywhere.

Thanks!

I’ m stuck at credentials part could someone pm me a hint?

Some assistance - i have access to the app, i have an exploit that is supposed to be creating a .txt file in some public directory - but the file is not being created… is this permissioning in the directory or is the exploit not running right - it appears to contain minimum error checking - can anyone offer a pointer?

Nudge please via PM. I have executed the exploit script and the user has been added but struggling to get access via the service s**. Gentle nudge if possible. THanks