Optimum

Perhaps the wrong call back IP? Also reverting the box never hurts, some privesc’s aren’t reliable when ran multiple times.

if you are using metasploit check this:

meterpreter > sysinfo
Computer : OPTIMUM
OS : Windows 2012 R2 (Build 9600).
Architecture : x64
System Language : el_GR
Domain : HTB
Logged On Users : 97
Meterpreter : x64/windows <--------------*

Anyway, there is a much better exploit than what most people use for Optimum. It doesn’t create so many problems. I will write about this in a few days when Optimum will be retired.

yup ensure …correct arch

can anybody tell me how to own system

can anybody tell me how to own system

I’ve been stuck on this for two days too. Does the meterpreter session have to be x64 arch too??

Everything (targets, sessions, payloads) have to be x64 arch. But keep in mind that -even if you do everything correctly- the specific exploit doesn’t function as it should in some metasploit configurations. You can always search for alternative exploits.

try using something simple ( there is recon plugin that can help you )

ok, so i’ve tried Removed Spoilers and
still no success. Am I along the right lines with any of these? P.S i’ve gotten user access
I just need to escalate. Thanks for the help again

@sniper1777 said:
ok, so i’ve tried Removed Spoilers and
still no success. Am I along the right lines with any of these? P.S i’ve gotten user access
I just need to escalate. Thanks for the help again

Im still really struggling with this i’ve tried the Removed Spoilers as an x64 powershell module imported then ran Removed Spoilers, which says success you have achieved system, however it doesn’t actually work :/. I’m using X64 meterpreter session too any rough help??

@sniper1777 said:

@sniper1777 said:
ok, so i’ve tried Removed Spoilers and
still no success. Am I along the right lines with any of these? P.S i’ve gotten user access
I just need to escalate. Thanks for the help again

Im still really struggling with this i’ve tried the Removed Spoilers as an x64 powershell module imported then ran Removed Spoilers, which says success you have achieved system, however it doesn’t actually work :/. I’m using X64 meterpreter session too any rough help??

I am also stuck at the exact same place… :frowning:

@briyani said:

@sniper1777 said:

@sniper1777 said:
ok, so i’ve tried Removed Spoilers and
still no success. Am I along the right lines with any of these? P.S i’ve gotten user access
I just need to escalate. Thanks for the help again

Im still really struggling with this i’ve tried the Removed Spoilersas an x64 powershell module imported then ran Removed Spoilers, which says success you have achieved system, however it doesn’t actually work :/. I’m using X64 meterpreter session too any rough help??

I am also stuck at the exact same place… :frowning:

Finally done it, I know how frustrating it can get, Look up Removed: Spoilers. Thank god for that two solid days it’s taken!

P.S I hope i’m allowed to post these hints, delete if inappropriate admin.

Hi guys, I have followed all your recommendations, I have the session on the right architecture but once I run the port recon it doesn’t show up any compatible plugging. any clue which will help to to escalate my privilege?

To own the optimum you should be good at code review.
hint:
1} Know what exploit does
2} Change what’s needed
3} Run exploit on machine
4} Bingooo…!!! you own the machine
:slight_smile:

Thanks guys, I was using the right post/exploit but wrong arch. Lesson learned!

i’m not sure what i was doing wrong, i got system few seconds ago with the same exploit, same arch, same payload that i was trying at the begin for two days with no success :confused:

Sometimes, you have to reset the box for an exploit to work because the machine is in a altered state (from previous exploits applied by other users).

Optimum is a fun simple machine to start with, get all the information about it jump on google and boom, what you need is there modify it and run the bad boy.

hey there! i’m totally stuck with this one. like so many others, i easily managed to own the user but can’t figure out how to escalate privs. the problem is i can’t even confirm if i’m on the right track since my meterpreter sessions always dies when running local exploits. i gave the exploit suggester a shot but the session dies before it finishes, so i’m basically down to trial and error. can someone gimme a hint on how to get my session stable? i’m aware of the x64 arch and stuck to x64 payloads and exploits, but to no avail.

@horrorshow1984 said:
hey there! i’m totally stuck with this one. like so many others, i easily managed to own the user but can’t figure out how to escalate privs. the problem is i can’t even confirm if i’m on the right track since my meterpreter sessions always dies when running local exploits. i gave the exploit suggester a shot but the session dies before it finishes, so i’m basically down to trial and error. can someone gimme a hint on how to get my session stable? i’m aware of the x64 arch and stuck to x64 payloads and exploits, but to no avail.

if you are using proper x64 payload,meterpreter and exploit, everything will be perfect and it will work like a charm. If you still cant do it, I suggest you try harder more and PM me then :wink: