Resolute

hey guys ! So I got access to rp******* with the creds. But I don’t know what to do from here can you please give me a hint?
Thanks

So I have the right creds for the first user, but it’s been an hour I search, and I find nothing interesting in the S** shares. Do you have a hint ? :frowning:

Edit : I’m dumb, I do not did a full scan so I didn’t saw the high port.

is r*** needed to get root?

Very nice box, its all about enumeration , and for root a little bit of googling if you are not familiar with technique

Spoiler Removed

root has such a cool exploitation process, just read carefully the blog after you get your root foothold.

I really enjoyed it @egre55 , thank you!

If you guys need nudges, PM me, but please don’t come with messages like “Are these credentials valid?” , because I won’t respond to these type of questions anymore.

Rooted. Thanks to everyone who helped me push past the problems with root, pretty frustrating but finally got it.
User: Easiest user ever, just read the output carefully
Root: A bit CTF-y but enumerate everything, once you find the folder switch over and find out more about who you are now. Google will then take you the rest of the way.

The root exploit doesn’t work for me, i even tried copying the exact same commands other people did and it does not work! wtf man?

Cool box, I really enjoyed it. Feel free to PM if you’re stuck…

Probably the easiest box ever. Remember to try harder

Got user pretty quick, I’m thinking that targeting r*** and then taking advantage of his membership in D***n sounds right. Any hints on how to get r or (if that’s not right) try to move to root?

Spoiler Removed

Can anyone give me a hint about user ?
I enumerated and got lot of usernames

Type your comment> @silverstar007 said:

Can anyone give me a hint about user ?
I enumerated and got lot of usernames
find more info about users

Spoiler Removed

rooted

PM for help

Hack The Box

User was fast. Hard to hint it without spoiling.
Do what you do with all Windows boxes but read the output more carefully.
If your creds are not working, maybe try to replicate what bad users and admins are doing with passwords.

Now AFK and root work this afternoon.

Type your comment> @joshibeast said:

User was fast. Hard to hint it without spoiling.
Do what you do with all Windows boxes but read the output more carefully.
If your creds are not working, maybe try to replicate what bad users and admins are doing with passwords.

Now AFK and root work this afternoon.

took a while to get this hint lol. To everyone still stuck, do your usual windows enum and maybe grep for some juicy strings? :wink:

Type your comment> @mpzz said:

Type your comment> @joshibeast said:

(Quote)
took a while to get this hint lol. To everyone still stuck, do your usual windows enum and maybe grep for some juicy strings? :wink:

I know exactly what u mean and I have the juicy thing as well…
I do not know what to do with it coz evry i****t script denies access :frowning:

Type your comment> @Impulse said:

Type your comment> @mpzz said:

Type your comment> @joshibeast said:

(Quote)
took a while to get this hint lol. To everyone still stuck, do your usual windows enum and maybe grep for some juicy strings? :wink:

I know exactly what u mean and I have the juicy thing as well…
I do not know what to do with it coz evry i****t script denies access :frowning:

maybe you’re using that juicy thing with wrong user… btw u dont need i****t scripts too. other port is also open…