Heist

is the admin pwd in www**** a rabbit hole ?

Ok, this box is weird. I have the new username and all passwords. According to one of the aux scanners, one login combination works fine but it fails while using any winrm shells.

Am i missing something obvious here?

anyone give a hint on root, i cant seem to run any enum scripts. the user doesnt seem to have much privs cant even access the public folder weirdly

is there something in I*C$? or am i going the wrong way?

Finally rooted!! For user, from 1 to 10, enum 27. For root, think about a real world situation and use the environment you know!
PM me on Telegram (jorgectf) for any help.

Finally user… :dizzy:

Could anyone give me a nudge on root. I have looked through and cannot figure out where to head to. I found a hash in the ww****t but not sure if that is a rabbit hole. Also im not that good with windows machines.

Type your comment> @Sameasname said:

Could anyone give me a nudge on root. I have looked through and cannot figure out where to head to. I found a hash in the ww****t but not sure if that is a rabbit hole. Also im not that good with windows machines.

I’m in exactly the same boat. Not great with Windows, and my session drops every few minutes.

Type your comment> @0x6a666c6a72 said:

Type your comment> @Sameasname said:

Could anyone give me a nudge on root. I have looked through and cannot figure out where to head to. I found a hash in the ww****t but not sure if that is a rabbit hole. Also im not that good with windows machines.

I’m in exactly the same boat. Not great with Windows, and my session drops every few minutes.

that sucks

So I’ve gotten 3 usernames and 3 passwords but still cannot connect to high port…do we need more?

Type your comment> @D4nch3n said:

So I’ve gotten 3 usernames and 3 passwords but still cannot connect to high port…do we need more?

I had same issue but was nudged to look at lo******d from impacket

Type your comment> @Sameasname said:

Type your comment> @D4nch3n said:

So I’ve gotten 3 usernames and 3 passwords but still cannot connect to high port…do we need more?

I had same issue but was nudged to look at lo******d from impacket

Got it. Thanks!
Now am stuck at root

Type your comment> @CryptoCat said:

Did somebody break the share? :confused:

Yes! i did both…

Can someone please help me with finding creds? I am sure I have to login to the service in port 5*** but I am nowhere. Please pm me where to look for. thanks

For the people stuck with 3 users/pwds, ENUMERATE, then come back where you are trying those creds.

Got user, was fun but took a while to crack one of the creds. I have a Ps shell but not sure how to gain privileged access on this one.

If you do standard enumeration you might see something that is running that’ll catch your eye.

Rooted

Machine proved that I do too much on Linux, was quite stuck on root because initially I didn’t know where to look and after because I had some faulty downloads and command arguments.

I think I’m going too look for the other ways to root as exercise

Type your comment> @rheaalleen said:

Rooted

Machine proved that I do too much on Linux, was quite stuck on root because initially I didn’t know where to look and after because I had some faulty downloads and command arguments.

I think I’m going too look for the other ways to root as exercise

same i spent all my time with linux boxes, still noob with windows boxes (getting user is not hard) but the problem is the enumeration once you’re inside the box

@sazouki

Enumeration wasn’t my main problem but interpretation. The scripts/processes you use are pretty much just conversion to Windows.