Heist

I find 3 users and 3 passwords.
I find shares.
How should I proceed?

Type your comment> @fbr0 said:

I find 3 users and 3 passwords.
I find shares.
How should I proceed?

You should find more users.

I got user! First time attempting a box, took me a few days mostly because of dealing with one of the passwords and getting familiar with new tools.

On to root!

I think I am on the right path for root but I think I need some nudging for the last piece. If you see this, got root, and feel like helping feel free to PM

Edit: I got root. Sleep helps shake out the cobwebs. PM for nudges.

Ok, I need help. Can someone let me know if I’m using the right tool or not? I’ve got User already, and I used e******m to get a shell that I used to download the file. I’m using the same thing to try and investigate this process thing. However all the PS commands I attempt are getting AccessDenied. The built it services command I think is leaving some info out. So I don’t know if I should be using something else or what.

Type your comment> @bumika said:

Type your comment> @fbr0 said:

(Quote)
You should find more users.

I find all users. @bumika

What would be the next step?

Hi need some help on enumerating users. I cracked all the passwords but i cant determine the username.

Type your comment> @fbr0 said:

Type your comment> @bumika said:

Type your comment> @fbr0 said:

(Quote)
You should find more users.

I find all users. @bumika

What would be the next step?

Next step is sending a PM for me. :slight_smile:

Any help for root mimikatz shell is unstable

got 3 users, 3 passwords (one cracked using john), tried to login but failed… (tried all options) please help me

i got 9 users and 3 passwords, i discovered shares on user.
any help?

Find more users.

(JadeWolf + Comments on Forum + Google) / Loosing Marbles = Root Dance!!!

Lesson learned trying to download a file from Windows, RTFM on the software that you connected to the box with // Once you find the password it is a Windows machine and don’t used **** but m******r

ROOTED! THANKS @noi !

Rooted.

First Windows machine for me, i was a bit confused per moments x)

Thanks for the machine !

Feel free to PM me for hints (user / root)

was able to get c*****.txt and user:pwd but cant figure out how to get e*** a******?

Great machine for those new to exploiting Windows, like myself. I learned a lot from this machine, thanks @MinatoTW! Techinically there is no exploitation involved (making it the perfect machine for practicing you Windows-fu), its a game of “find the creds”. All the tips you need are in the first 11-12 pages already. Here are some things to read up on though:

Powershell
Impacket
Process Memory Dumps
Windows Sysinternals

Also FYI if anyone is wondering why the metasploit modules don’t work, a quick inspection using wireshark shows msf sends the request in SOAP format, which causes the server to respond with a 500 code.

Hey guys,

This is my first Windows box, and I’m having some trouble with even figuring out how to start off… I discovered the three plaintext passwords from the C*.txt file, along with the two users H* and A*. Not sure what to do with this information…

If you’d like to help, please shoot me a PM! I’d appreciate it :slight_smile:

hey this is my first windows box and i have found the /a*********/c*****.txt file on the website but dont really know where to go from here.
any help would be appreciated

root, fun box. was late to party so did the intended way.
al hints are in the first 10 pages.