Here are some tips
User: Look at all the different services available to you, research all the different techniques to exploit them. once you have creds, use the higher port to get a shell. There’s a really useful tool someone posted here on the forums you can use to help.
Root: You should know by now what the role of this machine in a network is. If you’ve researched privilege escalation options for this, the “dog” you need to use should be apparent. If you’re having trouble getting the tool to work on the box, try switch to a meterpreter shell. From here, you should be able to see a path.
I got the lowpriv user creds but can’t access the machine… What is this mystical higher port that will give me shell access? I only see S*B services pretty much and the mainstream impacket tools which give shell require write access to the share and you can’t change the default ports.
I keep getting rpc_s_access_denied.
Any nudge is appreciated!
EDIT: Found out the port and service. Initially thought it was not something I could connect to but thanks to nudge from @PercyJackson35 I learned a new tool that I did not know before
I got the lowpriv user creds but can’t access the machine… What is this mystical higher port that will give me shell access? I only see S*B services pretty much and the mainstream impacket tools which give shell require write access to the share and you can’t change the default ports.
I keep getting rpc_s_access_denied.
Any nudge is appreciated!
for smb (as said above) you need writable admin$ or c$ to execute commands, you need to find another service
there must be something I miss ? like many others getting the usersID’s was easy but how to get the pw ? … all those imp- scripts require a valid cred right ?
there must be something I miss ? like many others getting the usersID’s was easy but how to get the pw ? … all those imp- scripts require a valid cred right ?
I’m im in the road for root since 2 days
I used the dogs tool have the schema and also change pass of a user se**** and verify this with smb . But I’m stuck here can’t use theses new creds to authenticate as him trying runas pow…shell or wi**m from output but nothing
I got the lowpriv user creds but can’t access the machine… What is this mystical higher port that will give me shell access? I only see S*B services pretty much and the mainstream impacket tools which give shell require write access to the share and you can’t change the default ports.
I keep getting rpc_s_access_denied.
Any nudge is appreciated!
EDIT: Found out the port and service. Initially thought it was not something I could connect to but thanks to nudge from @PercyJackson35 I learned a new tool that I did not know before
I have mixed feelings about this box. On the one hand it involves some some classic windows vulnerabilities. On the other I would consider the pre-requisite knowlege too high for a meger 20 points.
That box was all new to me and I have discovered some fantastic tools that I will be using more of.
why does everyone think their hints are so clever, the people generally asking for help are stuck and you aren’t helping by referring to animals… regardless of the context of how it relates for you, that doesn’t mean it will relate for them. Give real hints to people, JEEZ
If anyone gets stuck PM me, I’ll do my best to give quality hints without any spoilers.
why does everyone think their hints are so clever, the people generally asking for help are stuck and you aren’t helping by referring to animals… regardless of the context of how it relates for you, that doesn’t mean it will relate for them. Give real hints to people, JEEZ
If anyone gets stuck PM me, I’ll do my best to give quality hints without any spoilers.
you’ll find that sort of esoteric “hint” giving is a throwback to the OSCP forums, where everyone thinks they are Mr Robot when they say “root dance” and “ENuMerAtIon iz Key!”
why does everyone think their hints are so clever, the people generally asking for help are stuck and you aren’t helping by referring to animals… regardless of the context of how it relates for you, that doesn’t mean it will relate for them. Give real hints to people, JEEZ
If anyone gets stuck PM me, I’ll do my best to give quality hints without any spoilers.
you’ll find that sort of esoteric “hint” giving is a throwback to the OSCP forums, where everyone thinks they are Mr Robot when they say “root dance” and “ENuMerAtIon iz Key!”
True… and it’s rather annoying. But for realz, enumeration is the key… but finding the lock is harder than basic enumeration. You can enumerate everything and if you don’t know which door has the lock to which you might find a key under the matt, you can get lost for days going down rabbit holes.