Sauna

No, it’s just a listing of each user and some manual work on it :blush:
Think like the admins of the company

Owned user on this box! Now going for root.

User is relatively easy if you have done Forest and Monteverde. Any hints for root?

Type your comment> @sp00fer said:

User is relatively easy if you have done Forest and Monteverde. Any hints for root?

I’ve finally got it, but I gotta say it was considerably harder than how it was in the other machine you mentioned where GetN******* just found the info without you having to even know the username. In this one you actually need to take an educated guess at the username before you can get the info from the script I mentioned, unless I’m missing something.

@VbScrub said:
Type your comment> @sp00fer said:

(Quote)
I’ve finally got it, but I gotta say it was considerably harder than how it was in the other machine you mentioned where GetN******* just found the info without you having to even know the username. In this one you actually need to take an educated guess at the username before you can get the info from the script I mentioned, unless I’m missing something.

(Quote)

Yeah man, I use other command for obtain the info, but now I need a pass :smile:

Nice box , i was in rabbit hole for some time , but it was more simple than i thought

I’m on edge-eu-vip-24.hackthebox.eu
and the box responsiveness is absolute garbage on smb port

I’ve got some creds that I know are allowed to Powershell in, but the powershell service seems to be down now even though it was open during port scan earlier… can’t even telnet in to that port. Might have to do a reset

EDIT: After a reset all worked fine, so I’ve got user and now on to root :slight_smile:

@VbScrub said:
I’ve got some creds that I know are allowed to Powershell in, but the powershell service seems to be down now even though it was open during port scan earlier… can’t even telnet in to that port. Might have to do a reset

working on my end, but the box is being raped by everyone atm

got user on to root
needed a git pull for the tool to connect

Type your comment> @madhack said:

got user on to root

can I pm? I am struck on getting pwd after finding username.

Type your comment> @5h1v4 said:

Type your comment> @madhack said:

got user on to root

can I pm? I am struck on getting pwd after finding username.

sure!

Got user after some guessing, now trying to use A******on creds.

Rooted. Enumerate, pretty standard windows stuff. Don’t overcomplicate it and you’ll be okay. Quite a few rabbitholes though.

@init5 said:
working on my end, but the box is being raped by everyone atm

yeah after a reset it was all good and I’ve got user :slight_smile:

For root I’m pretty sure I see what we’re meant to exploit but just trying to figure out how to do it without resorting to metasploit

Got user finally. It was harder than on other “easy” windows boxes, because most of the usual info sources were blocked. Root will have to wait until tomorrow :slight_smile:

Holy moly finally got user. I was having technical difficulties for sure. Made it much harder than it should have lol

Got user as well but now stuck on my way to root. One rabbit hole after the other…

rooted now

anybody tips for root, got shell for both users f…h and s…g .