Forest

i’m completely stuck with user… got an enumeration of users… i can’t get i*****et tool working… tried with every syntax that went in my mind. surely i’m missing something on the syntax… can somebody PM me?

@Nt3c said:
Hey guys! need some help.
When i run the cmd to give me Dc rights using powerview got the following error:
Warning: Error granting principal xxxxxxxxxxxxx xxxx 'D
c’ on DC=htb,DC=local : Exception calling “CommitChanges” with “0” argument(s): "A constraint violation occurred

the comand to add the ACL seams to be ok, using evil-***rm
any idias?
Thanks.

Same situation for me :frowning:
Already tried to do this locally with evil-**rm as well as remotely from my Windows machine with $Cred object and -Credentials argument. Both methods gave same error :confused:
Could somebody help me with this?

Moreover - when I add s**-a******* to Exch**** W******* P******* group and check this with Get-DomainGroupMember everything is fine, s**-ao is in the group. But when I logout from evil-w and login again and execute Get-DomainGroupMember there is no s-a******* in this group.
I feel like Im missing something…

Need help overall on this box in dm please.

tried using i*****t scripts, didnt work out.

Type your comment> @Looking4 said:

Need help overall on this box in dm please.

tried using i*****t scripts, didnt work out.

Default Kali host contains some “wrapped” It programs and those do not cover features of all original python scripts. Download fresh It package from git, and use scripts located in its examples directory.

Type your comment> @bumika said:

Type your comment> @Looking4 said:

Need help overall on this box in dm please.

tried using i*****t scripts, didnt work out.

Default Kali host contains some “wrapped” It programs and those do not cover features of all original python scripts. Download fresh It package from git, and use scripts located in its examples directory.

That`s what i did.
Maybe i have to do something else?

Type your comment> @jFlap said:

i’m completely stuck with user… got an enumeration of users… i can’t get i*****et tool working… tried with every syntax that went in my mind. surely i’m missing something on the syntax… can somebody PM me?

I am at the same point. Tried almost every relevant scripts for hash dump but it is not working somehow. Some online examples shows the usage with the Hashes already!!!

Any help would be appreciated.

Type your comment> @DeDeReporter said:

@Nt3c said:
Hey guys! need some help.
When i run the cmd to give me Dc rights using powerview got the following error:
Warning: Error granting principal xxxxxxxxxxxxx xxxx 'D
c’ on DC=htb,DC=local : Exception calling “CommitChanges” with “0” argument(s): "A constraint violation occurred

the comand to add the ACL seams to be ok, using evil-***rm
any idias?
Thanks.

Same situation for me :frowning:
Already tried to do this locally with evil-**rm as well as remotely from my Windows machine with $Cred object and -Credentials argument. Both methods gave same error :confused:
Could somebody help me with this?

Moreover - when I add s**-a******* to Exch**** W******* P******* group and check this with Get-DomainGroupMember everything is fine, s**-ao is in the group. But when I logout from evil-w and login again and execute Get-DomainGroupMember there is no s-a******* in this group.
I feel like Im missing something…

ah, it isn’t me.
got the same problem

whoa, i figured it out (i think,have to doublecheck)

Type your comment> @Looking4 said:

Type your comment> @bumika said:

Type your comment> @Looking4 said:

Need help overall on this box in dm please.

tried using i*****t scripts, didnt work out.

Default Kali host contains some “wrapped” It programs and those do not cover features of all original python scripts. Download fresh It package from git, and use scripts located in its examples directory.

That`s what i did.
Maybe i have to do something else?

It is really difficult to Get the proper one of 48 scripts. It is a hint.

I got username and tri3d to get password or hashes but didnt get any of them i was wrong some where couldnt figure out need help !!!

Type your comment> @DrCyb3r said:

I got username and tri3d to get password or hashes but didnt get any of them i was wrong some where couldnt figure out need help !!!

DM me, i will help u

Anyone here who can give me a nudge to root. I can DM and tell where I am stuck. Any Help will be really appreciated! Been Stuck here for 2 days now lol.

Anyone else stuck with the d…y… right problem?

I can’t seem to get the dog to walk using e******m. Can someone DM some clues?

got user and the password, what should i do next?

PM me some small tips please!!!

working on this one

Im trying to use multiple scripts from tool mentioned here a lot of times but all i get is
KDC_ERR_WRONG_REALM
can someone dm me with some tip becouse im trying for a long time now and can’t do nothing

@hubi277 check your DM

i found the user,found the hash,cracked it got the pass,enumerated the shares, but cant seem to connect to them.
hints please

Really fun box, learned so much and yet there is still so much more to learn about this, even after getting system…

If you are like me and only have notions of this type of attack and never actually performed it, my best overall advice is: enjoy the learning experience! Read alot and document your findings and dig deeper into why some things (tools) work and why not. It’s going to take some time but the time spent, will ROI on other Windows boxes

  • Got side-tracked by other user’s footprints on the system, so before you map out your path make sure you are focussing on the right things, maybe reset the box before you pull out the map data.

  • About using the map: there are other tools available that plug into it and can calculate and automate a path for you. I actually needed this because the suggested PS commands to do it manually, did not work for me (Both versions of P*V. I will get to the bottom of this, want to know why)

If you’re stuck, feel free to dm me for nudges

Type your comment> @wwingcomm said:

Really fun box, learned so much and yet there is still so much more to learn about this, even after getting system…

If you are like me and only have notions of this type of attack and never actually performed it, my best overall advice is: enjoy the learning experience! Read alot and document your findings and dig deeper into why some things (tools) work and why not. It’s going to take some time but the time spent, will ROI on other Windows boxes

  • Got side-tracked by other user’s footprints on the system, so before you map out your path make sure you are focussing on the right things, maybe reset the box before you pull out the map data.

  • About using the map: there are other tools available that plug into it and can calculate and automate a path for you. I actually needed this because the suggested PS commands to do it manually, did not work for me (Both versions of P*V. I will get to the bottom of this, want to know why)

If you’re stuck, feel free to dm me for nudges

help …