Nest

@turtleface said:

Type your comment> @TazWake said:

@turtleface said:

So I have gone through the directories with setdir and used list to see the contents. I do not see anything related to that “empty” text file. I also am not able to runqueries, I get the database error. I figured thats why i need to use the Debug account.

I have also used streams.exe on that text file which comes back with no streams found.

I dont know where to go from here.

Is the empty file on the high port?

Why not google the tool you use to access the port where the empty file is and how you can use it to recover what you are looking for?

You are trying to find the information you need to exploit the high port, dont expect to find it on the high port.

I got the empty file from the shares I was able to access where I got the user flag. I am using telnet to access the high port.

Yeah, I got that.

Any tips on the empty file?

@nikostz said:

Any tips on the empty file?

Scroll up. Literally the last 6 questions have been about this.

Type your comment> @TazWake said:

@nikostz said:

Any tips on the empty file?

Scroll up. Literally the last 6 questions have been about this.

You have a point haha

Type your comment> @TazWake said:

@turtleface said:

Type your comment> @TazWake said:

@turtleface said:

So I have gone through the directories with setdir and used list to see the contents. I do not see anything related to that “empty” text file. I also am not able to runqueries, I get the database error. I figured thats why i need to use the Debug account.

I have also used streams.exe on that text file which comes back with no streams found.

I dont know where to go from here.

Is the empty file on the high port?

Why not google the tool you use to access the port where the empty file is and how you can use it to recover what you are looking for?

You are trying to find the information you need to exploit the high port, dont expect to find it on the high port.

I got the empty file from the shares I was able to access where I got the user flag. I am using telnet to access the high port.

Yeah, I got that.

Thanks for your help! I was way over looking this one. I got the info from the file that I need!

Type your comment> @emmycat said:

Type your comment> @theonemcp said:

I’m right now trying to make sense of the exe file and the “empty” file.
for the exe I tried so far:

  • O*D but this was a big fail
  • R****e2 worked better but I couldn’t make sense of it
  • “NSA Tool”: looks promising. but I still need to find out how it works

I’m on the right track with this?

for the empty file I don’t know what to do. I guess the problm is that the data gets lost when the ile is copied over from windows to linux.
But I don’t know how to examine the file directly on the share :frowning:
Hints are appreciated (also per PM)

The empty file might not actually be empty. Maybe you should get ALL the INFO. :stuck_out_tongue:

Thanks for this

One thing that I wish someone just told me about that empty file:
It’s on a Windows environment. If you move that empty file to a different environment or you “modify” it someway, it will lose it’s “properties”.

I think i’ll try to wrap my head around commandoVM with this machine, wish me luck boys… i think this is going to get a tad bumpy.

Hey Guys, really stuck at the VB code decryption thingy. Happy to rep if you can teach me on what needs to be done. Never did any Vis Basic code or .Net stuff. :slight_smile: Thanks

Type your comment> @ShredX said:

Hey Guys, really stuck at the VB code decryption thingy. Happy to rep if you can teach me on what needs to be done. Never did any Vis Basic code or .Net stuff. :slight_smile: Thanks

I’m stuck in the same place. I should be decryptable online but it doesn’t work either. Wouldn’t mind if anyone could help.

hey guys im stuck with the hqk *** from port 43** can someone help me to find the right path

Thanks @VbScrub, I hated it… But I learned a lot :mrgreen:

PS. I suck at VB.

Rooted! Nice machine and learned how to show hidden files (old school technique but always applicable).
Cheers!

Type your comment> @Alex1PM1 said:

hey guys im stuck with the hqk *** from port 43** can someone help me to find the right path

there’s 26 pages of help right here. If you’ve read them all and still need help then you’ll have to be a lot more specific about what you’re stuck on rather than just saying “I’m stuck”

Type your comment> @grav3m1ndbyte said:

Type your comment> @ShredX said:

Hey Guys, really stuck at the VB code decryption thingy. Happy to rep if you can teach me on what needs to be done. Never did any Vis Basic code or .Net stuff. :slight_smile: Thanks

I’m stuck in the same place. I should be decryptable online but it doesn’t work either. Wouldn’t mind if anyone could help.

Use https://dotnetfiddle.net/
Just build the script without error
And print what you nedd that’s all.

@msraja said:
Type your comment> @grav3m1ndbyte said:

Type your comment> @ShredX said:

Hey Guys, really stuck at the VB code decryption thingy. Happy to rep if you can teach me on what needs to be done. Never did any Vis Basic code or .Net stuff. :slight_smile: Thanks

I’m stuck in the same place. I should be decryptable online but it doesn’t work either. Wouldn’t mind if anyone could help.

Use https://dotnetfiddle.net/
Copy the code from all vb files
Just build the script without error
And print what you nedd that’s all.

@msraja said:

@msraja said:
Type your comment> @grav3m1ndbyte said:

Type your comment> @ShredX said:

Hey Guys, really stuck at the VB code decryption thingy. Happy to rep if you can teach me on what needs to be done. Never did any Vis Basic code or .Net stuff. :slight_smile: Thanks

I’m stuck in the same place. I should be decryptable online but it doesn’t work either. Wouldn’t mind if anyone could help.

Type your comment> @msraja said:

@msraja said:
Type your comment> @grav3m1ndbyte said:

Type your comment> @ShredX said:

Hey Guys, really stuck at the VB code decryption thingy. Happy to rep if you can teach me on what needs to be done. Never did any Vis Basic code or .Net stuff. :slight_smile: Thanks

I’m stuck in the same place. I should be decryptable online but it doesn’t work either. Wouldn’t mind if anyone could help.

Use https://dotnetfiddle.net/
Copy the code from all vb files
Just build the script without error
And print what you nedd that’s all.

Thanks @msraja! I appreciate that.

Type your comment> @VbScrub said:

Type your comment> @Alex1PM1 said:

hey guys im stuck with the hqk *** from port 43** can someone help me to find the right path

there’s 26 pages of help right here. If you’ve read them all and still need help then you’ll have to be a lot more specific about what you’re stuck on rather than just saying “I’m stuck”

Rooted nice vm i was confused with the high port but finally find the creds and get access to the flag

I’m in the last phase and got a secret from L*p.cF but can’t repeat the step from user as it complains about bad padding. What am I missing?