Forest

hello
can someone help me in walking the dog with the snake?

Been trying to execute BH.exe or .Ps1 but both just fail with out any output. could someone please DM Me. i’m using EW** for shell. going crazy (loving the challenge, but hit a wall and i’m no longer learning) Please DM.

Finally rooted. It was my first root for windows machine and I had 0 knowledge about AD, but with a help of great people I learnt a ton. I highly recommend to watch some videos about AD security and bloodhound.
If you need any help feel free to ask me, because I know how confusing it can be if you’ve never done anything with AD

Whew, finally rooted - what a fight this one was! Thanks @VoltK

Rooted. nice box - Big Thanks to the creators (echoing some of the other comments) this felt to be more than an easy box, I’m guessing you need a very very solid understanding of AD for it to be easy.

Thanks to nav1n and cassn94 for there help !!

Having a helluva time with this Machine. I was able to get users, ports and such. But still struggling on a foothold to gain a credential to login. Mostly seem to be having issues on the cmd line part of it right now. Could use a nudge on command help if someone could please DM me

Need a nudge for root. Could someone DM me with a little help.
New to the dog and AD, think I know what I need to do just don’t really know how to go about it. Anything helps! Thanks.

** edit ** whoops lol

Type your comment> @Icyb3r said:

Type your comment> @xcabal said:

I am at the last step but I cannot crack the hash :cry:

If you on the last step of cracking hash for user account, for sure you need hashc**, but last step for root some impacket scripts accept hash for login.

Thank you for posting this. I almost gave up when I couldn’t crack the hash. This was a good learning experience but man was it rough going through the forest.

finally the root

Totally new to windows AD here.
I got the permissions suggested by the dog but the kat doesnt work at all :frowning: any hints? am i on the right track? (im just using the same user but with more permissions)

Rooted! thank you @VoltK

Note: keep in mind that a lot of people is messing around with your user.

hey hackers. i uploaded dog through evil ps, but when i try run .\SpH*d.exe nothing will happen… any ideas? ps1 either :confused: thx for any nudge

How long did you guys run favorite cracking tool? Mine is taking forever (****cat)

edit

I parsed a param so it didn’t use my wordlist. NVM :smiley:

Has anyone come across this issue? I’ve tried omitted the domaincontroller option and tried all LDAP related ports. Also tried the IgnoreLdapCert.

Ldap Connection Failure.
Try again with the IgnoreLdapCert option if using SecureLDAP or check your DomainController/LdapPort option

EDIT, tried harder and figured it out

Hi everyone,

That’s my first windows box that I really trying to solve, but I have no experience for windows pentest techs at all.

Got user creds, logged in to some services but no luck getting shell, user flag, finding path to proceed.

Please PM me some articles, retired writeups, any materials that can help to understand howto and what can be done here, just have no idea where to start.

Regards,

I feel so stupid now. I completely overlooked an e***-****m little tool that I could use. Finally got user!!! Now on to root!!!

Can someone Message me. I have been stuck on root for days and could use a hint in the right direction. I know about the two *oup that i need to be in. I just cant figure out what final step to get access. Thanks

Type your comment> @mikensen said:

hey hackers. i uploaded dog through evil ps, but when i try run .\SpH*d.exe nothing will happen… any ideas? ps1 either :confused: thx for any nudge

you can use bloh*-python in order to collect data remotely

Hey guys, stuck on getting user. I managed to get the hash but not sure what to do with it next. I am sure bruteforcing is not the best way. Should I look into this evil little tool everyone is talking about?

Alright, I am currently playing with the dog but somehow the system is not letting me… nothing comes back …any hints?