Forest

why does everyone think their hints are so clever, the people generally asking for help are stuck and you aren’t helping by referring to animals… regardless of the context of how it relates for you, that doesn’t mean it will relate for them. Give real hints to people, JEEZ

If anyone gets stuck PM me, I’ll do my best to give quality hints without any spoilers.

Type your comment> @bipolarmorgan said:

why does everyone think their hints are so clever, the people generally asking for help are stuck and you aren’t helping by referring to animals… regardless of the context of how it relates for you, that doesn’t mean it will relate for them. Give real hints to people, JEEZ

If anyone gets stuck PM me, I’ll do my best to give quality hints without any spoilers.

you’ll find that sort of esoteric “hint” giving is a throwback to the OSCP forums, where everyone thinks they are Mr Robot when they say “root dance” and “ENuMerAtIon iz Key!”

Type your comment> @RawrRadioMouse said:

Type your comment> @bipolarmorgan said:

why does everyone think their hints are so clever, the people generally asking for help are stuck and you aren’t helping by referring to animals… regardless of the context of how it relates for you, that doesn’t mean it will relate for them. Give real hints to people, JEEZ

If anyone gets stuck PM me, I’ll do my best to give quality hints without any spoilers.

you’ll find that sort of esoteric “hint” giving is a throwback to the OSCP forums, where everyone thinks they are Mr Robot when they say “root dance” and “ENuMerAtIon iz Key!”

True… and it’s rather annoying. But for realz, enumeration is the key… but finding the lock is harder than basic enumeration. You can enumerate everything and if you don’t know which door has the lock to which you might find a key under the matt, you can get lost for days going down rabbit holes.

i’m with root and i think i found something by enumerating the AD… but it seems like it is not alive!

I’m stuck on SH.ps1 loading. Even its exe version doesn’t work for me. Can someone give me a nudge?

Any nudge for the privesc would be appreciated!! I worked through the PayloadsAllTheThings/Active Directory Attack.md at master · swisskyrepo/PayloadsAllTheThings · GitHub
but I keep getting access denied everywhere. Obviously I am missing something subtle.

Type your comment> @phat said:

I’m stuck on SH.ps1 loading. Even its exe version doesn’t work for me. Can someone give me a nudge?

are you getting an error or is it just not giving any output?

Guys if anyone needs help with this box, this should help you:

No output at all. I also tried to redirect the output to a file but nothing happened

Spoiler Removed

TR19: Fun with LDAP and Kerberos: Attacking AD from non-Windows machines - YouTube more help

20 points???!!

My advice:

When you get to the map, don’t rely too much on the arguments bloodhound gives you in it’s abuse info.

My connection dies when i invoke bh.

Type your comment> @phat said:

My connection dies when i invoke bh.

Maybe try a more up to date version of SH or remotely via python version, but beware remote version did not grab all info first time around for my gave me a false view of things.

rooted – I usually try to keep away from rants or other comments about boxes here, cause i really value the learning experience of all of them. Thanks to the creators for this journey on forest but I’m really torn wether you should depict that this is an 20 pts box. Fell for a lot of rabbit holes and quirks that revelant tooling has.

im trying to get creds with nmap useing the brute L*** script but i get nothing it says valid creds but says empty
can someone PM me i have been waiting 2 days for some help.
Thanks

Rooted. Don’t think it’s a 20 pts box.
Everything is already in the thread for user, use basic enumeration + impacket.
For root it won’t be so hard if you rooted “Reel” machine. Just don’t go very far, try impacket on the very last step

Rooted. Seemed way more complicated to me than some of the “medium” boxes I did.

On the topic of esoteric hints: I might be the minority here, but I like them. It’s not a solution in your face, but when you find a possbile path, which “clicks” with the esoteric hint, you know it’s not a rabbit hole and worth pursuing.

is brute force required to get a password?

Type your comment> @an0n said:

is brute force required to get a password?

Just for user, Adm… use hash