Hello, i am currently getting lots of NT_STATUS_DISCONNECTED or TIMEOUT when trying to enum S**ct and r***t. any help would be appreciated
EDIT: (Got it, Thanks for the help)
Hello, i am currently getting lots of NT_STATUS_DISCONNECTED or TIMEOUT when trying to enum S**ct and r***t. any help would be appreciated
EDIT: (Got it, Thanks for the help)
Type your comment> @Raven37 said:
hello everyone working on root now. i think i understand at what process i should looking, but i can’t find file k**4.d under usual location. Can somebody help me?
nvm, I was blind, found it. Now trying to do something with it
okay, I am stuck on it is where any way to copy files from heist machine to my kali and vise versa?
Did you able to root?, am stuck on same step got k**.d* but what next? reading article , it mentioned it required log**.j** to decrypt? Am i on the wrong path?
im stuck with the username, i tried all in sb and w***r, little hint in pm, thanks
Spoiler Removed
i can’t decrypt secret hash… plz someone hint me
Type your comment> @azeroth said:
i can’t decrypt secret hash… plz someone hint me
Use hashcat - no rules - rocking list - crack in less than a minute
@Raven37 said:
hello everyone working on root now. i think i understand at what process i should looking, but i can’t find file k**4.d under usual location. Can somebody help me?nvm, I was blind, found it. Now trying to do something with it
okay, I am stuck on it is where any way to copy files from heist machine to my kali and vise versa?
I used pscp:
https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html
Hi Folks,
Stuck on privesc -
I have the db files
I have dumps of the process
What am I looking for? Am I in a rabbit hole?
Thanks
Finally got root.
Hints:
User:
enumerate, enumerate, enumerate
crack what you enumerate
enumerate some more
Look beyond what you think is normal
play with the rubies
Root:
Think a little forensically
Grep and Strings are your friend
Don’t we always harp on credential re-use?
Feel free to DM me for hints.
Thanks to @minatoTW for making the box and @marlasthemage for all your help!
@1337mm look at my comment above.
Wow I had an unusual hard time getting user. Protip: use hashcat on your native machine.
Rooted.
I hitted head against the wall to understand creds logic, last step was so obvious that i overlooked it.
Pretty fun and useful box.
I have the k.d* file, but I’m stumped as to what to do next. I cant see a way to decrypt it with the info I have. I can’t see any info that stands out from the processes either. Is there a tool or ps cmd like pspy but for windows? Also there is no l*****.j**n file?
EDIT:
Rooted. Was chasing rabbits.
Hints:
File transfers were a pain, nc.exe worked for me.
Root - I love taking a dump on Windows!
Awesome box, learned alot thanks @minatoTW!
I have all the usernames and the 3 password, still cant connect what do I miss ? Should I enum more ?
Type your comment> @C3PJoe said:
@1337mm look at my comment above.
Thanks for the comment “Think a little forensically” - rooted
@MinatoTW Thanks for this exercise, taught me a lot about what can be gleaned from the process, also about seeing the trees amongst the forest.
On root - Can someone DM me?
I am unable to find the exact next step. I have a stable shell and I am able to transfer files without any issues. I have looked at every process, like others suggested in this thread, but it looks like I am unable to find the exact one that will allow me to move forward.
Thanks!
Edit: Rooted - Thanks @Raven37
Anyone knows how to decrypt cisco type 5 password??