News from the Discord is that a patch is being worked on. Those who want to do it the intended way can either try to stay away from things that clearly look like a mistake or wait trying to pwn the box until tomorrow.
At the very least please don’t do it the unintended way and then leave a 1 star “lol 2 ez man this sux” rating…
Services don’t even reveal anything at this point. Have tried switching servers. I can see the open ports, but enumeration displays everything as closed or broken. Going to wait until tomorrow. What a shame.
ok I know that some ppl rooted the box with an unintended way, but I just got root without even exploiting anything!
I was just enumerating, no metasploit or any other attack tools of any kind, just basic enumeration.
Am i missing something?
So I found a temp username and password but when I try to use it I get a “Failed to connect with smb1 – no workgroup available” error. A nudge would be appreciated
ok I know that some ppl rooted the box with an unintended way, but I just got root without even exploiting anything!
I was just enumerating, no metasploit or any other attack tools of any kind, just basic enumeration.
Am i missing something?
Confirmed that this is the same “exploit” other people have been using to do it the unintended way.
Basically the ACL on the service control manager has somehow gotten messed up and is allowing all users to create system services. Already got a fix for it and just waiting for it to be applied and rolled out across the servers
@clubby789 said:
Anyone having trouble with the high port:
NC doesn’t work (who knows why). Use telnet
Weird. It works with both putty and telnet perfectly fine
Is the high port needed for initial foothold/user? so far all i’ve done is enumerate some users on the obvious service and get access denied everywhere. hints are welcome
Again apologies for this being such a messy launch.
Don’t beat yourself up about this - it’s not the messiest launch I’ve seen. It’s easy to avoid the “Unintended” methods and if you do, it’s fairly fun.