Querier

If you have the uncles and are stuck, look into other im****et modules, very useful

Pretty cool machine. Learned something new along the way.
User: Enumerate and you’ll find something with the brazilian dance. Once you open the file look for interesting strings. Then login, you won’t be able to execute shell commands but maybe you can execute something more. Once you find what I’m talking about intercept that and get something to work on. Google and you’ll find a very useful script to upload files and it will even give you a shell!
Root: Very famous enumeration script (get the most recent version, don’t be like me and use an older version. I lost 4 hours because of this) then, brazilian dance again with your new credentials.
Enjoy.

I have the c568 credentials that i got from ML, via xp***** but where do i authenticate them against, please help. I’ve been banging my head against the wall with this. Please PM if able to help.

Edit: nvm got this

I’ve now created a local admin user. But am unable to log in as said user, any help via pm would be appreciated.

Rooted, ignore my previous comment, it’s a false path to victory that does not work. Pro tip for people trying to privesc, make sure you have the latest version of whatever tool you are trying to use to privesc or enumerate privesc details from, older versions may not show as much.

Type your comment> @fbarrsmith said:

Rooted, ignore my previous comment, it’s a false path to victory that does not work. Pro tip for people trying to privesc, make sure you have the latest version of whatever tool you are trying to use to privesc or enumerate privesc details from, older versions may not show as much.

No, it’s not a false path to victory bro :smiley:

Anyone stuck, PM me to help :wink: <3

Type your comment> @j0c0d3r said:

Type your comment> @fbarrsmith said:

Rooted, ignore my previous comment, it’s a false path to victory that does not work. Pro tip for people trying to privesc, make sure you have the latest version of whatever tool you are trying to use to privesc or enumerate privesc details from, older versions may not show as much.

No, it’s not a false path to victory bro :smiley:

Anyone stuck, PM me to help :wink: <3

So you were able to log in as that admin user? Please tell me how via pm haha

Type your comment> @fbarrsmith said:

Type your comment> @j0c0d3r said:

Type your comment> @fbarrsmith said:

Rooted, ignore my previous comment, it’s a false path to victory that does not work. Pro tip for people trying to privesc, make sure you have the latest version of whatever tool you are trying to use to privesc or enumerate privesc details from, older versions may not show as much.

No, it’s not a false path to victory bro :smiley:

Anyone stuck, PM me to help :wink: <3

So you were able to log in as that admin user? Please tell me how via pm haha

PM sent

Currently have user.txt. Have a reverse shell from using my own s** share to deliver payloads. I have been working on priv esc for quite awhile now. If someone could PM me some hints on what to do. I have found a couple of the scripts being mentioned here but am having trouble getting passed the execution policy and AV.

EDIT: Figured out priv esc. It was quite easy actually one I found it. Fun box!

Finally rooted, I wasted too much time on powershell but finally got it.
PM me if you need any help,
Cheers.

Hi all. I would really appreciate it if someone could message me with the initial foothold? I believe I found a password in the .v** file. but i need to connect to SQL i believe.

Cheers

Spoiler Removed

I NEED HELP AND A KALI LINUX MASTER!

I’m using Giy method (I got credentials to run it) both from Imt and from the Framework, it says "Successfully executed x*_d**e", but I cannot receive anything on my server.

So I noticed someone else got my same problem and solved it … Basically every server I run (Framework server , Resr, Imt) get 104 connession reset by peer and some python error about saa server as soon I run x*_d***e , someone shared the same code error saying is “misconfigured server handling the request”.

How can I fix it? (Hope is just a dumb thing, or maybe I’m just missing something)
PM me

Type your comment> @HEXE said:

I NEED HELP AND A KALI LINUX MASTER!

I’m using Giy method (I got credentials to run it) both from Imt and from the Framework, it says "Successfully executed x*_d**e", but I cannot receive anything on my server.

So I noticed someone else got my same problem and solved it … Basically every server I run (Framework server , Resr, Imt) get 104 connession reset by peer and some python error about saa server as soon I run x*_d***e , someone shared the same code error saying is “misconfigured server handling the request”.

How can I fix it? (Hope is just a dumb thing, or maybe I’m just missing something)
PM me

pm me

I’ve pretty much got root, but every time I use r***s.exe it asks for the password and immediately skips past back to command prompt. I have the password but can’t currently see a way to enter it. Anyone else have this issue?

Edit: Nevermind, solved my problem. Box rooted.

This was a nice box to work . Kudos to the creators!

Ended up getting root after fighting with janky shells and struggling writing content to files. Feel free to PM me for help! Overall was a pretty fun box for one of my first windows machines :slight_smile:

I feel like I’m stuck at really end of privesc. How can I switch user. Please PM me.

Edit: Nevermind, I got it. Now going for root.

Hint for people doing this box: If you find the useful script, make sure you’re using the newest version. Had a couple people ask me about their problem and it turned out to be an out of date script.