Type your comment> @imousrf said:
is the box down on the free servers ?
It’s bleeding as ■■■■ on vip servers too
Type your comment> @imousrf said:
is the box down on the free servers ?
It’s bleeding as ■■■■ on vip servers too
@lebutter said:
I am a bit confused with the difficulty of the servers. I am not good at all with Windows, this box and another one are the only one that seemed ranked on the easy side… well, i one of the easy box deals with JSON deserialization, so “easy” that it’s not covered inmost of the entry-level courses or even the Webapp Hacker handbook, and this other one is this one, where none of the classical escalation channels (ie. misconfigured services/directory permissions) seem to apply either.
It’s all about subjective assessments
Can someone give me a nudge for escalating from Ry** user to root i think i know what to do but what i have been doing is not working i can explain everything i have tried so far in a pm. Thanks
Easy machine
– User:
I’m using off-the-shelf code to get root. It requires me to make a dns query, which i do using nslookup but nothing happens (the code is not executed upon the query). I have uploaded everything to the target.
Any hints? I can elaborate further in PM.
Edit: Got root. But i put the code in initialize() to get it. Would still like to know how to get it via query.
Type your comment> @tang0 said:
I’m using off-the-shelf code to get root. It requires me to make a dns query, which i do using nslookup but nothing happens (the code is not executed upon the query). I have uploaded everything to the target.
Any hints? I can elaborate further in PM.
Edit: Got root. But i put the code in initialize() to get it. Would still like to know how to get it via query.
I think we used the same code. Thanx for the hint, was very useful.
Nice machine, especially escalation to root very enjoyable. Well done author!!!
Chasing a nudge for root. 99% of the way!
Can`t create right DLL to work! Any article to read?
Type your comment> @sta1ker said:
Can`t create right DLL to work! Any article to read?
Most people forget the architecture of the box x86 or x64
Type your comment> @nav1n said:
@sta1ker said:
Can`t create right DLL to work! Any article to read?
the AV blocks ms*t payloads
edit: got root
Got root. Another great windows box.
Type your comment> @sta1ker said:
Type your comment> @nav1n said:
@sta1ker said:
Can`t create right DLL to work! Any article to read?the AV blocks ms*t payloads
Try to serve it to the box. Some packet will help you with this
@sta1ker said:
Type your comment> @nav1n said:@sta1ker said:
Can`t create right DLL to work! Any article to read?the AV blocks ms*t payloads
Block it, simple.
pheew…got root, didnt upload anything in the end…
I’ve connected with m****** with r***t and with s**ct on some shares, but no dice. This is my first Windows box, can someone give me a hint please?
Thanks
@guihle at the same spot as you. Can’t find anything in the shares. Wondering if I should be trying to get a shell using a different method.
@guihle
@joe297
Do nmap scan on high port manually. There is a service that is like ssh, but for windows.
PM if you need more help
i need a nudge on user please ))