Nest

Type your comment> @msraja said:

@msraja said:
Type your comment> @grav3m1ndbyte said:

Type your comment> @ShredX said:

Hey Guys, really stuck at the VB code decryption thingy. Happy to rep if you can teach me on what needs to be done. Never did any Vis Basic code or .Net stuff. :slight_smile: Thanks

I’m stuck in the same place. I should be decryptable online but it doesn’t work either. Wouldn’t mind if anyone could help.

Use https://dotnetfiddle.net/
Copy the code from all vb files
Just build the script without error
And print what you nedd that’s all.

Thanks @msraja! I appreciate that.

Type your comment> @VbScrub said:

Type your comment> @Alex1PM1 said:

hey guys im stuck with the hqk *** from port 43** can someone help me to find the right path

there’s 26 pages of help right here. If you’ve read them all and still need help then you’ll have to be a lot more specific about what you’re stuck on rather than just saying “I’m stuck”

Rooted nice vm i was confused with the high port but finally find the creds and get access to the flag

I’m in the last phase and got a secret from L*p.cF but can’t repeat the step from user as it complains about bad padding. What am I missing?

@grav3m1ndbyte said:
I’m in the last phase and got a secret from L*p.cF but can’t repeat the step from user as it complains about bad padding. What am I missing?

Does Lp.c* look like something else you encountered before? maybe HLap.*xe

Type your comment> @nristo said:

@grav3m1ndbyte said:
I’m in the last phase and got a secret from L*p.cF but can’t repeat the step from user as it complains about bad padding. What am I missing?

Does Lp.c* look like something else you encountered before? maybe HLap.*xe

Thank you! I guess I didn’t look carefully

Well, got root! Interesting box for sure, I have lots to learn especially with vbscript which I have been avoiding until now. Many thanks to @n00py, @Darvidor and @rootshooter for helping!

I would like to ask as i’ve just started this box…Could anyone confirm if there are only 2 ports 4*5 and 4**6 opened ?! Is this accurate or my enumeration sucks…?

Type your comment> @Destroyervg said:

I would like to ask as i’ve just started this box…Could anyone confirm if there are only 2 ports 4*5 and 4**6 opened ?! Is this accurate or my enumeration sucks…?

Pretty Accurate!

I get ‘Invalid database configuration found. Please contact your system administrator’ when trying to do things on the higher port. Is this deliberate to get me to look elsewhere or is it an actual issue?

I been spinning my wheels on this most of the day. Never done any reversing before. I got the user flag and I have a 0 byte file plus and exe. I been playing around on the high port but I not sure what my next step is. I looked back though some of the pages and I have tried a hand full of things on the 0 byte file but still can’t seem to put this puzzle together. Can I someone PM me?

Headbang x 1000. I’ve got everything bar a way of revealing the locat of the root flag. Can someone please pm me on how I can get it to show itself please?

Thanks

Pilgrim23

Finally rooted! Learnt alot, thanks @VbScrub

@Pilgrim23 said:
I get ‘Invalid database configuration found. Please contact your system administrator’ when trying to do things on the higher port. Is this deliberate to get me to look elsewhere or is it an actual issue?

it is deliberate and cannot be fixed

Finally rooted!!! I overthought this machine so hardcore. However I learned an incredible amount about windows and active directory in the process. One of my favorites so far.

edit: wrong forum lol.

Rooted!

Man, that was a super, super thorough machine. I think I learned more tools and tricks on this one, than most others.

This is one of those cases where terms like “Easy” and “Hard” don’t really describe things too well.

There’s a lot to do, and a lot of information to comb through. None of the things you are tasked with doing are very hard at all… but there’s so many different areas of knowledge being tested that I’m sure most newer users will be learning something, somewhere.

The “empty file” portion was really cool, and threw me for a loop!

Love this machine, great job @VbScrub.

I don’t seem to find any other empty file other than N********.txt. via one common port. That’s not decrytable I reckon. Am I expecting more than one empty files?

So i have gotten to the hash of .**** user. No clue what to do now. I have navigated through every share possible using st, navigated through the H service running in TT. I have not found any empty files that people are mentioning. The empty files i found seem to be differently named than the ones mentioned by others here. could someone please point me to the right direction? Ive been stuck here for hours.

Can anyone please help me with the VB part? I can’t seem to compile with online compiler…

Gotcha)) Rooted! Thx @VbScrub for this wornderful box! Very interesting)

@SpiffyLich said:
Man, that was a super, super thorough machine. I think I learned more tools and tricks on this one, than most others.

Love this machine, great job @VbScrub.

Thanks a lot :slight_smile: glad you enjoyed it and learned from it