Retired Legacy Box

I got a shell on the system, but cannot find the flag ^^
The Documents and Settings folder is empty, even after reset and server switch. Any suggestions ?
Thanks

Comments

  • edited October 2018
    Or try
    `dir /a /r`
    😉
  • Solved it :) I didn't escaped the space ^^

    meterpreter > cd Documents and Settings 
    [-] stdapi_fs_chdir: Operation failed: The system cannot find the file specified.
    
    meterpreter > cd "Documents and Settings"
    

    and then User/Desktop was correct.

    Thx 3mrgnc3

  • edited May 2019

    Not seeing any flag anywhere lol. Dropped to a shell from meterpreter:

    C:\Documents and Settings\Administrator>cd Desktop
    cd Desktop
    
    C:\Documents and Settings\Administrator\Desktop>dir
    dir
     Volume in drive C has no label.
     Volume Serial Number is 54BF-723B
    
     Directory of C:\Documents and Settings\Administrator\Desktop
    
    28/05/2019  03:50 ��    <DIR>          .
    28/05/2019  03:50 ��    <DIR>          ..
                   0 File(s)              0 bytes
                   2 Dir(s)   6.400.901.120 bytes free
    
    C:\Documents and Settings\Administrator\Desktop>
    
    

    Edit: looks like someone had messed with the box... lol

    lduros

  • Old forum, but theres something I want to know

    first thing I done when i got meterpreter was hashdump. got all hashes, put them into hashcat with rockyou.txt and it kept on going to 100% with status "exhausted" - they were NTLM hashes right? why did it not crack any?

    Hack The Box

  • Old box, but as I was trying to exploit it via the MS08-067 code from EDB, my initial attempts did not work (I chose XP SP0/SP1). Every time I ran the exploit, the service probably just crashed and I had to reset the machine. I then turned to metasploit which correctly detected the OS to be XP SP3, ran the exploit for the correct OS version, and successfully got me an admin shell.

    My question is: If I wanted to run the EDB exploit successfully, I need detect the correct OS version beforehand. The nmap scripts don't work - they only go as far as suggesting that the OS is XP, and not the service pack number. Are there other tools (non-metasploit) that fingerprint the OS more reliably?

Sign In to comment.