Does anyone have any advice on getting a shell back as user? I have a basic shell and the user creds, but the Windows “restrictions” keep preventing me from executing anything to get a shell back. I’ve tried everything I can think of, short of compiling C# code.
Thanks!
Type your comment> @ssklash said:
Does anyone have any advice on getting a shell back as user? I have a basic shell and the user creds, but the Windows “restrictions” keep preventing me from executing anything to get a shell back. I’ve tried everything I can think of, short of compiling C# code.
Thanks!
@ssklash said:
Does anyone have any advice on getting a shell back as user? I have a basic shell and the user creds, but the Windows “restrictions” keep preventing me from executing anything to get a shell back. I’ve tried everything I can think of, short of compiling C# code.
Thanks!
Im not sure if this is the intended route or not but it works… look into certutil.exe
Thanks @scrapdizle
Did you use a pretty standard payload for it? I’d messed with certutil
a bit, but no luck. I will keep playing with it and see what I can do.
Anybody got any hint for this machine ? I have spend whole day but nothing…
Thanks @clubby789 and @th3d00msl4y3r for helping me out.
The box is quite amazing and i have learned a lot from the box and from both of you guys.
Finally Rooted the box: after 2 days making syntax mistakes every time.
Initial Foothold : Look for OS and play with web application try to enumerate every parameter each and every point.
For User : Look for some juicy information may be the non functional page in the app can help.
For Root : find something interesting and google for more about that.
PS: Check synatx everytime otherwise you will get frustrated with the box .
Dancing around “basic” shell and some creds. Cant get “user” shell. Probably need a hint to PM
Type your comment> @s1mpl3 said:
Dancing around “basic” shell and some creds. Cant get “user” shell. Probably need a hint to PM
Port forwarding.
What’s wrong with reset? There’s a certain file with 0 size which I need normal size but the reset button doesn’t work lol. Edit: working again
Is windows defender removing my special payload for root?
Edit: Rooted
Need a nudge on the LFI part . Am I on the right path?
Need help for from i*sr user to the ch**s user.
Rooted.
Fun and very excited.
Thank you
Spoiler Removed
C:\Windows\system32>whoami
sniper\administrator
It was fun, but man, I hate powershell XD
user:
For anyone like me who is struggling with initial reverse after you get execution search here → http://ippsec.rocks
Initial reverse shell like ■■■■ literally really hate windows cuz of that.
Spoiler Removed
( hmm…i said too much! )
Finally Got the initial shell. thanks to all those who helped me out.
Finally rooted !
That was a tough box to be honest… Don’t hesitate to PM me if needed