Forest

I found … on mf sm l***n

I only got the list of the user Accounts on this machine yet. Stuck on where to go next.

I started brutef** with 7 u***s

Type your comment> @rholas said:

I started brutef** with 7 u***s

I dont think the user flag is based on bruteforcing at this point.
Anyways Good Luck

Type your comment> @rbt said:

Type your comment> @rholas said:

I started brutef** with 7 u***s

I dont think the user flag is based on bruteforcing at this point.
Anyways Good Luck

but all open ports need us* and pass*

Type your comment> @rholas said:

Type your comment> @rbt said:

Type your comment> @rholas said:

I started brutef** with 7 u***s

I dont think the user flag is based on bruteforcing at this point.
Anyways Good Luck

but all open ports need us* and pass*

I’m using rid***m.py to bruteforce all of them rn

Type your comment> @rbt said:

Type your comment> @rholas said:

Type your comment> @rbt said:

Type your comment> @rholas said:

I started brutef** with 7 u***s

I dont think the user flag is based on bruteforcing at this point.
Anyways Good Luck

but all open ports need us* and pass*

I’m using rid***m.py to bruteforce all of them rn

same with sm lgi with msf

also checked armie but not found any e*

The comments so far are very encouraging, was planning to start working on this machine tonight ?

This github has a usefull tool to get to user

Type your comment> @Davincible said:

This github has a usefull tool to get to user
GitHub - fortra/impacket: Impacket is a collection of Python classes for working with network protocols.

if you mean for l*****d.py … I already got all the users using another script.
But every port requests password authentication

User was easy - for Root i have no idea so far - I tried many things but none of them work

Type your comment> @j3wker said:

User was easy - for Root i have no idea so far - I tried many things but none of them work

do you have any hint on what to look for in user? I already enumerated the usernames and Im stuck

@rbt no to capture hashes

Type your comment> @Davincible said:

@rbt no to capture hashes

thanks for the hint. got it

I Liked this box, Great job of the guys who made it!

Any tips for root? :slight_smile:

@MrArlen Enumerate what you can do with the user on the box :wink:

Can someone give me a nudge. Everyone is talking about different scripts to get a list of users but I don’t know where to start. Help is much appreciated!

I used sparta and got the list of users. Still dont know what to do with them though.