I’m using off-the-shelf code to get root. It requires me to make a dns query, which i do using nslookup but nothing happens (the code is not executed upon the query). I have uploaded everything to the target.
Any hints? I can elaborate further in PM.
Edit: Got root. But i put the code in initialize() to get it. Would still like to know how to get it via query.
I think we used the same code. Thanx for the hint, was very useful.
Nice machine, especially escalation to root very enjoyable. Well done author!!!
I’ve connected with m****** with r***t and with s**ct on some shares, but no dice. This is my first Windows box, can someone give me a hint please?
Thanks
Rooted - main issue is there are two ways to launch i******* s** server one gets reverse shell the other doesn’t - other than that online guide shows how to do exploit - though this is easier with straight forward running of payload - ignore mentions of mimikatz
I think i found the exploit for root.
But for executing this I need to compile some code with VS as far as I see. Since I dont have a Windows machine, is there a way to do this on linux?
User: You have one password, try to get it working. Something evil happens when SysAdmins are lazy. Then go to the roots and force your way in
Root: You will find what you will abuse. After that I´ll say following: The file you will use can be remotely or on the machine. For the second way it doesn’t matter where it is but you have to make it by yourself or the AV will nuke it, poison doesn’t work.
If you go by the remote path trust in impacket and his servers before you use a native tool. As bonus you will see with impacket if it really gets contacted and you will know that the file is on his way to the machine
Comments for Root are very helpful. Initially did not understand what it is. But once I observed thing, got to know what exactly this means. Thanks !