Resolute

So I can get to where I need to. My problem is my payload does not seem to fire after registering. I am using a custom payload similar to the blog examples. Can anyone give me a nudge?

Type your comment> @m0squ1t3 said:

So I can get to where I need to. My problem is my payload does not seem to fire after registering. I am using a custom payload similar to the blog examples. Can anyone give me a nudge?

PM me.

I appreciated this machine much more than i want admit.
Super fast user with a very nice root.
Learned alot + balanced difficulty for a Windows machine (as i’m pretty noob with windows).

Used d*l inj. path

can I get a hint to get the second user password

stuck getting 2nd user.

I can browse around in s**cl**** as 1st user, however doesn’t seem to be anything I can download/view from there that helps.

Im trying the things on higher nmap ports, but they dont seem to ‘do anything’, and I dont know how to ‘name’ it to search for exploits I can use with 1st user creds.

A very Nice box something very new i haven’t think this could be possible to get user and root.
Every hints are there on forum. i just say keep calm and look each and every possible file directory maybe there is something useful.

@OddRabbit and @Tellico for all your help.

@egre55 impressed with the box… :slight_smile:

Type your comment

@spowlay said:
Can anyone help me use the right M***-s**> @PianoDentist said:
stuck getting 2nd user.

I can browse around in s**cl**** as 1st user, however doesn’t seem to be anything I can download/view from there that helps.

Im trying the things on higher nmap ports, but they dont seem to ‘do anything’, and I dont know how to ‘name’ it to search for exploits I can use with 1st user creds.

search for things that might be hidden …in the root

thanks. someone pointed me in direction of e**l-w**** tool[I dont think that need spoiler-tagging, however unsure. Can msg me if also completely stuck on even starting 2nd user like I was]. I had no idea existed and made things more straightforward :slight_smile:

Very good machine, has made me learn and above all enumerate.

Recommendation

User1, enumerate enumerate enumerate
User2, the simplest is to continue enumerating but from the other side

root, DN ******* is a solution, a bit complex but very useful.
ms ******** is easier to carry.

Type your comment> @qwas2zx9 said:

Type your comment> @ctlfish said:

Type your comment> @qwas2zx9 said:

i have already made a d** injection using the user2 and i am trouble on restarting the d*s server. Can you give me a nudge?

net start and friends didn’t work for me, but sc.exe did. It’s also important to use sc.exe to disambiguate if you an a powershell environment (sc is an alias for Set-Content).

I rooted it using a different approach but I want to take the hard path which is injecting dll and restarting the service. I am struggling on using the hard method.

I struggled too; PM me if you need a little help or some links. This box was a bookmark creating event for me.

Rooted! Nice one!! Struggled a little in the r**n user part.

Hack The Box

To everyone that is having problems finding the second user’s information, are you only looking in places you can see? How can you see things that don’t appear at first?

Rooted! Nice box! Thanks @Uglymike and @LateComerz so much for your hints.

Ha. Finaly :smiley: Nice box.

I’m stuck at initial foothold… enumerated some SMB users not sure what to do next… Could anyone dm me a hint?

got first user flag on this box! =)

Pfff this AV is blocking every single d** file that runs on d** service restart. Any hints???

Type your comment> @xtonousou said:

Pfff this AV is blocking every single d** file that runs on d** service restart. Any hints???

The problem isn’t with AV. I was able to inject the d** without any s****** g* n** or other encoding.

Feel like I’m banging my head against a brick wall here, I’ve tried all types of m********r but I can’t get a connection.

The d** I created has taken with no issues from the AV as far as I can see, I just don’t seem to be able to get the box to talk to me.

Any nudges would be much appreciated.