Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.
Currently have very limited HTB time but will try to respond as quickly as possible.
Hi guys, I got the hash from *.s**** but I can't get into debug mode on the highter port, I think I need to find another hash in order to get into debug mode. You confirm?
As far as the lower port is concerned, I connected to it with the user T**********r, while searching a little bit I find a lot of .vb files in the "VB P********" of c**l but nothing concrete in the files, did I look wrong, am I close to the goal or am I clearly going in the wrong direction?
Hi Guys,
First of all, can I say what a place, I am extremely late here and also a very new new n00b.
I am attempting Nest and here is where I am so far:
I have found both low and high ports
on low port, I have tried to use login to share using smbclient and gone through all files/folders where possible but no luck
again on low port, I have used rpcclient and found out which one is the flag user
on how port, once logged in, I can see a lot of data and basically full structure
and I am stuck, a nudge or a wrist slap will be appreciated.
@idevilkz if you mean you still haven't got the first set of credentials, you haven't looked very hard on the low port they're literally just in plain text in a text file and there aren't many folders you can even access, so it should be very easy to find.
I can't find c.*****'s password. I found the encoded password in the file. However, what do I use it? Can I give me a hint...?
This has been asked and answered a lot in the last 30 pages. You need to find more information, modify it, compile it and execute it to get the plain text password.
Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.
Currently have very limited HTB time but will try to respond as quickly as possible.
Hi Guys, Can someone give me a Nudge. I am using telnet on the high port and can see and find files. I have found information however telnet is only allowing me to do handful amount of things i.e: setdir, list etc.
Should that suffice or do I need to think outside the box and do something more or use a different tool.
also, with regards to low port and ADS, I can see stream however don't know how to execute it.
Hi Guys, Can someone give me a Nudge. I am using telnet on the high port and can see and find files. I have found information however telnet is only allowing me to do handful amount of things i.e: setdir, list etc.
Should that suffice or do I need to think outside the box and do something more or use a different tool.
You need information from the lower port.
also, with regards to low port and ADS, I can see stream however don't know how to execute it.
Scroll back and read the previous answers on this. You need to solve this before you go on the higher port.
Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.
Currently have very limited HTB time but will try to respond as quickly as possible.
I can't find c.*****'s password. I found the encoded password in the file. However, what do I use it? Can I give me a hint...?
This has been asked and answered a lot in the last 30 pages. You need to find more information, modify it, compile it and execute it to get the plain text password.
I found more information in all directories I can access. However, I only found important files: the file including encoded password and some configuration files. I don't know things I have to modify...
Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.
Currently have very limited HTB time but will try to respond as quickly as possible.
I found more information in all directories I can access. However, I only found important files: the file including encoded password and some configuration files. I don't know things I have to modify...
Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.
Currently have very limited HTB time but will try to respond as quickly as possible.
I found more information in all directories I can access. However, I only found important files: the file including encoded password and some configuration files. I don't know things I have to modify...
Do you have the V**** B**** files?
I don't have the file. So, I have to the file, right?
Hi Guys, Can someone give me a Nudge. I am using telnet on the high port and can see and find files. I have found information however telnet is only allowing me to do handful amount of things i.e: setdir, list etc.
Should that suffice or do I need to think outside the box and do something more or use a different tool.
You need information from the lower port.
also, with regards to low port and ADS, I can see stream however don't know how to execute it.
Scroll back and read the previous answers on this. You need to solve this before you go on the higher port.
Thanks @TazWake
if you are referring to ADS on a *** T*** D***.txt then I have seen it and when i more it i can see it shows me a path/moresamba.somenumbers but i don't know what to do with them.Thank you
Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.
Currently have very limited HTB time but will try to respond as quickly as possible.
Thanks @TazWake
if you are referring to ADS on a *** T*** D***.txt then I have seen it and when i more it i can see it shows me a path/moresamba.somenumbers but i don't know what to do with them.Thank you
I dont think I am talking about the same document.
Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.
Currently have very limited HTB time but will try to respond as quickly as possible.
Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.
Currently have very limited HTB time but will try to respond as quickly as possible.
Now , I try getting root. I found the decrypt algorithm. However, I can't find ciphertext. I thinks a empty file is ciphertext. However, the file is 0 byte...
This thread is like groundhog day come on guys, at least read the last few pages before asking the exact same question that's been answered loads of times before. If you need more specific help, PM someone.
Now , I try getting root. I found the decrypt algorithm. However, I can't find ciphertext. I thinks a empty file is ciphertext. However, the file is 0 byte...
The empty file isnt ciphertext. Scroll up a few questions and its discussed quite a bit.
Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.
Currently have very limited HTB time but will try to respond as quickly as possible.
FYI, for those who used dotnetfiddle.net. You might want to make sure your repo is private. Stumbled across someone's code while Google-FUing the ru_******.x** and found the user's password in plain text. Made for an easy user flag but it's kinda disappointing that I didn't get to do the last step or two for user by myself.
Comments
Got user, trying to root. Any nudges for decrypting the second hash? It's the only useful thing I got out of the higher port.
@hur said:
You need to find the updated settings from the file you should have extracted on the lower port.
Note: https://www.nohello.com/
Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.
Currently have very limited HTB time but will try to respond as quickly as possible.
Fun box, @VbScrub! Thanks! Looking forward to the next one!
Hi guys, I got the hash from *.s**** but I can't get into debug mode on the highter port, I think I need to find another hash in order to get into debug mode. You confirm?
As far as the lower port is concerned, I connected to it with the user T**********r, while searching a little bit I find a lot of .vb files in the "VB P********" of c**l but nothing concrete in the files, did I look wrong, am I close to the goal or am I clearly going in the wrong direction?
Hi Guys,
First of all, can I say what a place, I am extremely late here and also a very new new n00b.
I am attempting Nest and here is where I am so far:
thanks
ID
My youtube tutorials: http://youtube.com/vbscrub
Twitter: https://twitter.com/VbScrub
my bad I managed to get those details after this post . I wasn't using the correct syntax of double quotes to get the file. off to next stage.
I need a little help decompiling the .exe file. Which tool should I be using? PM me..
Type your comment> @Hav0k said:
Thank you @Gh0stBl4ck !
Hi all -- did anyone have luck with openssl for one of the "cryptic" early steps? I couldn't get that to work and ran the VB.
LegendarySpork
I can't find c.*****'s password. I found the encoded password in the file. However, what do I use it? Can I give me a hint...?
@alicemacs said:
This has been asked and answered a lot in the last 30 pages. You need to find more information, modify it, compile it and execute it to get the plain text password.
Note: https://www.nohello.com/
Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.
Currently have very limited HTB time but will try to respond as quickly as possible.
Hi Guys, Can someone give me a Nudge. I am using telnet on the high port and can see and find files. I have found information however telnet is only allowing me to do handful amount of things i.e: setdir, list etc.
Should that suffice or do I need to think outside the box and do something more or use a different tool.
also, with regards to low port and ADS, I can see stream however don't know how to execute it.
@idevilkz said:
You need information from the lower port.
Scroll back and read the previous answers on this. You need to solve this before you go on the higher port.
Note: https://www.nohello.com/
Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.
Currently have very limited HTB time but will try to respond as quickly as possible.
Type your comment> @TazWake said:
I found more information in all directories I can access. However, I only found important files: the file including encoded password and some configuration files. I don't know things I have to modify...
removed
Note: https://www.nohello.com/
Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.
Currently have very limited HTB time but will try to respond as quickly as possible.
@alicemacs said:
Do you have the V**** B**** files?
Note: https://www.nohello.com/
Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.
Currently have very limited HTB time but will try to respond as quickly as possible.
Type your comment> @TazWake said:
I don't have the file. So, I have to the file, right?
Type your comment> @TazWake said:
Thanks @TazWake
if you are referring to ADS on a *** T*** D***.txt then I have seen it and when i more it i can see it shows me a path/moresamba.somenumbers but i don't know what to do with them.Thank you
@alicemacs said:
You have to have the file s, yes.
Note: https://www.nohello.com/
Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.
Currently have very limited HTB time but will try to respond as quickly as possible.
@idevilkz said:
I dont think I am talking about the same document.
The one I mean is
D***** M*** P*******.txtNote: https://www.nohello.com/
Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.
Currently have very limited HTB time but will try to respond as quickly as possible.
Type your comment> @TazWake said:
I think I only get the file with lower port. I carefully seek the file. However, I haven't found it. Can I give me more hint...
Type your comment> @alicemacs said:
Sorry, I found the directory! I think I can't access the directory...Thanks a lot!!!
@alicemacs said:
There is a folder you may think you cant access because you cant access its parent folder. But you can access the folder.
Note: https://www.nohello.com/
Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.
Currently have very limited HTB time but will try to respond as quickly as possible.
Now , I try getting root. I found the decrypt algorithm. However, I can't find ciphertext. I thinks a empty file is ciphertext. However, the file is 0 byte...
My youtube tutorials: http://youtube.com/vbscrub
Twitter: https://twitter.com/VbScrub
@alicemacs said:
The empty file isnt ciphertext. Scroll up a few questions and its discussed quite a bit.
Note: https://www.nohello.com/
Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.
Currently have very limited HTB time but will try to respond as quickly as possible.
I got a
root.txt!!!I learned a couple of tips on Windows.
I appreciate @TazWake help.
Finally! What a challenge that was
Huge shout out to @VbScrub for the fun box!
Props to @n00py whose hint got me over the last hurdle.
Thanks to both!
Completed start to finish on Kali alone. There are ways.
FYI, for those who used dotnetfiddle.net. You might want to make sure your repo is private. Stumbled across someone's code while Google-FUing the ru_******.x** and found the user's password in plain text. Made for an easy user flag but it's kinda disappointing that I didn't get to do the last step or two for user by myself.