Rooted. Seemed way more complicated to me than some of the “medium” boxes I did.
On the topic of esoteric hints: I might be the minority here, but I like them. It’s not a solution in your face, but when you find a possbile path, which “clicks” with the esoteric hint, you know it’s not a rabbit hole and worth pursuing.
can someone PM a hint on the password?
got a bunch of users but everything i want to connect to needs a password…
was bruteforcing against some service but feels needless.
can someone PM a hint on the password?
got a bunch of users but everything i want to connect to needs a password…
was bruteforcing against some service but feels needless.
can someone PM a hint on the password?
got a bunch of users but everything i want to connect to needs a password…
was bruteforcing against some service but feels needless.
can someone PM a hint on the password?
got a bunch of users but everything i want to connect to needs a password…
was bruteforcing against some service but feels needless.
To get creds: once you have compiled a list of valid accounts. Look into different roasting techniques. Make sure your libraries and tools are up to date/latest version.
Root: I tripped myself up here and went deep down some powershell internals rabbit holes - so my advice is - after putting all the pieces together, make sure to log-off and then log-back on.
If someone has a post or hint discussing the methods used to extract a hash from that service, I would greatly appreciate it! Spent hours researching to no avail. I have a number of usernames, which service needs to be exploited and what toolset is used. Just haven’t been able to put the pieces together. Feel like I’ve totally hit a wall.
Bruteforcing isnt needed at any part of the box. Remember keberos is a lot vulnerable so google what you can get from it.
For root : Powersploit is a lot powerful if you combine it with the BloodHound. At last step. Go back to where u began … impacket.
I don’t think I would have put it in the easy category.
Obviously, once you get it done, the process looks fairly straight forward, but finding the way and the tools…
I did learn from it, tho, so thanking the creators is in order. And also @Ketil and @polarbearer of course.
Hints:
User: You have most likely already done something very similar in other boxed (I can think of two at least).
Root: As mentioned before, the hound will find the way for you
Rooted. Seemed way more complicated to me than some of the “medium” boxes I did.
On the topic of esoteric hints: I might be the minority here, but I like them. It’s not a solution in your face, but when you find a possbile path, which “clicks” with the esoteric hint, you know it’s not a rabbit hole and worth pursuing.
I wouldn’t really say being esoterically reaffirmed you aren’t in a rabbit hole is that much of a hint, and it certainly does nothing to help those who need genuine direction.
and yes this box was not 20 points IMO, sniper was way easier than this