Netmon

please little help on root here: im logged in as an authenticated user to the ovbious pannel and i know RCE vuln is available ive enumerated and know exactly what to do however the problem is im not usre how to do that in terms of the HTTP Sensors etc please can some one help me or hint me

If anyone is giving FIreeye’s Commando VM a tour when doing this box, make sure you don’t accidentally let Windows Defender block a key application. Wasted 30 minutes as to why **p commands were only partially working…

Type your comment> @blackbestbb said:

Type your comment> @PurePi said:

Woohoo! Got root and user.
Good starter box.

PM me if anyone need hints :slight_smile:

bro in netmon active mission.i cant find there root.txt in this mision please give me a hint.please

@blackbestbb root.txt can be found in C:\Users\Administrator\Desktop directory on all Windows boxes.

I used the exploit and it says the user is created but when i try to exploit S** port with W***xe it says authentication failed…

Any tips on what is going wrong? I think the user is not properly created :frowning:

the user “sh4rk” put the root visible for everyone…

Stop resetting the ■■■■ box!
If you get to a point where things don’t work, and you think “I must have to reset the box to fix things”, there’s a 99% chance you’re wrong …

Type your comment> @PurePi said:

Type your comment> @blackbestbb said:

Type your comment> @PurePi said:

Woohoo! Got root and user.
Good starter box.

PM me if anyone need hints :slight_smile:

bro in netmon active mission.i cant find there root.txt in this mision please give me a hint.please

@blackbestbb root.txt can be found in C:\Users\Administrator\Desktop directory on all Windows boxes.

bro but administrator acess in denied bro what i can do bro

Total n00b could use some guidance on figuring out my first box.

First box rooted! Thanks all. PM me if anyone needs hints.

I need assistance. I feel like I should be able to use the new credentials I got as a result of the exploit, but it doesn’t work anywhere.

Thanks!

I’ m stuck at credentials part could someone pm me a hint?

Some assistance - i have access to the app, i have an exploit that is supposed to be creating a .txt file in some public directory - but the file is not being created… is this permissioning in the directory or is the exploit not running right - it appears to contain minimum error checking - can anyone offer a pointer?

Nudge please via PM. I have executed the exploit script and the user has been added but struggling to get access via the service s**. Gentle nudge if possible. THanks

Type your comment> @Manb4t said:

Nudge please via PM. I have executed the exploit script and the user has been added but struggling to get access via the service s**. Gentle nudge if possible. THanks

Same here. I exploited, but not able to login to service.

There can be problems with server reset between exploit script execution and subsequent work under the newly added user.

But you can put both things in one shell script and execute this form of attack. In such case, the new user is created and just after that, the second part of attack is executed as soon as possible.

Type your comment> @PavelKCZ said:

There can be problems with server reset between exploit script execution and subsequent work under the newly added user.

But you can put both things in one shell script and execute this form of attack. In such case, the new user is created and just after that, the second part of attack is executed as soon as possible.

but if the file is not getting created tehn the exploit didn’t work - correct?

I don’t know. I never used any “file creation” exploit and I definitely did not used any artificially created *.txt file anywhere.

hi guys

this box is the first one I do here on this site, so I can still learn a lot, and so I enjoy the learning process immensely.

I have searched and found a lot to get root. user was not a problem at all, but now I’m really stuck.

found an exploit via google but, I get stuck here must take a step and have to verify it before I can continue. someone a hint or tip.

you would help me a lot with it

Type your comment> @PurePi said:

Type your comment> @blackbestbb said:

Type your comment> @PurePi said:

Woohoo! Got root and user.
Good starter box.

PM me if anyone need hints :slight_smile:

bro in netmon active mission.i cant find there root.txt in this mision please give me a hint.please

@blackbestbb root.txt can be found in C:\Users\Administrator\Desktop directory on all Windows boxes.

Thanks PurePi, was my first Windows box and only thing left I needed to know is where to find root.txt

Shoutout to Farbs for all the nudges

what year is it! thank you!