Alright, day 4 of privesc and I am really missing the nail here lol. I am lost on how to utilize the .py apps to dump the hashes out of r*****n and at this point Im not really learning. If anyone could please PM me a hint as to whether or not I need to move in a diff direction or if Im on target and just need to try harder!
THanks!
Rooted. I used Kali and and my host Windows machine.
If anyone needs a hint let me know.
Can anyone help me with the initial enumeration? Found the ports, and the services running. I tried looking into s** but i am just stuck. I have looked into creating n*** sessions but I am not sure where I am going wrong.
what do i do when im in desktop ?? sorry for stupid question
Need a nudge for root.
Know what the exploit is but for some reason cannot get it to work.
Thanks.
I’m getting a “MAC check failed” when I use the python script.
Any help?
help with mount it seems that everything is asking 4 password…and yes my VT-D is on.
i found what i need and mount it
by the end of the day its all about your CLI input
Type your comment> @TimmyTheOG said:
I’m getting a “MAC check failed” when I use the python script.
Any help?
I have this same problem.
Type your comment> @osmus said:
Type your comment> @TimmyTheOG said:
I’m getting a “MAC check failed” when I use the python script.
Any help?I have this same problem.
I ended up using the portable version to get around this issue.
Rooted!
I have Mounted the vhd backup file now I don’t know what should i do !!!
Enjoyable user and root, got stuck on user for a good while before I caught my dumb mistake
Good evening everyone. First box and I’m stuck trying to mount the VHD file. I’ve haven’t been able to find a tool that works and even tried doing 7a or 7z for it. Tried guestmount but i’m not able to get the syntax right because after I enter the IP I’m lost. Any advice would be greatly helpful.
Thank you in advance for your time.
Hi all! I got user, and stuck on admin. Many people said, that to get admin priv i needs to enum installed programs. So, i found few. But they aren`t vulnerable. Next, i read more comments here, and understand, that i need to write something, what using .NET. Am i right, or not?
And thank all of the forum members, you are breathtaking
P.S.: Sorry for my English
Newermind, just got a root.
Some tips:
USER: nmap, look at ports, not_eternalblue, some mounting, googling, and enumeration of windows system
ROOT: it is so simple, but u can overthink it. look at some programs, google it, get admin!
Thank you @L4mpje for realistic and interesting task
.
Rooted. Pretty fun box, the path to victory seems relatively clear throughout, but I sure did scratch my head more than once!
Ping me if you need a nudge in the right direction.
Nice one. I’ve wasted a lot of time to search in wrong directions, but learned a lot there. If you are struggling with root, being a linux not windows person like me, don’t try to find a windows sudo-like command. There’s an easier way.
Enjoyed this as my first Windows-based HTB target. I spent more time learning how to interact with Windows files on Linux than anything else, haha!