AX Jeeves

Hi who can help me with the root flag? I got the user.txt and i can use powershell and also meterpreter, but i don’t found any hidden files and i don’t know how to privesc. I hate windows and this is why i have no much skill with it but i think to know how to search files also in subdirectories. I used dir with different options, but nothing. I have different hashes but i’m not sure that are usefulls. Who can pm me?

Hi,

What tool did you guys used to pass the hash manually ?

I tried wce, mimikatz, psexe and didn’t manage to make it work

Is there someone here who I can pm about transferring files from the Jeeves box to my own? I just haven’t been able to set this up, probably thinking about it in the wrong way.

I used meterpreter

Struggling here… Got user via the console like most have but i can’t seem to get further.
I’m thinking i need a better shell so trying to catch a reverse meterpreter via various methods. no luck.
also working on cracking on the hashes found in the .k*** file and the one in the .xml file (not sure which one i need - if any?) but can’t seem to get any joy.

Would love to run what im doing by someone for a sanity check in pm if anyone could spare a mo?

@Mumbles said:
Is there someone here who I can pm about transferring files from the Jeeves box to my own? I just haven’t been able to set this up, probably thinking about it in the wrong way.

PM me if you like… but there is a very intersting readme laying around that explains exactlty what you need to do

The root flag is in the administrator folder? I don’t find it! >.<

Nevermind, got it

Me, too. ?

If anyone can help point me in the right direction with regards to priv esc, please shoot me a PM. Thanks.

Anybody else having issues accessing the webapp today.

Finally rooted. That was a mindbender

Hi, is anyone in this discussion online that is willing to give me a little push in privesc? any help greatly appreciated

@d3x3 said:
Nevermind, got it

I’m still struggling with this, don’t know where/how to look any more. Anyone a small poke in the right direction?

Hi guys, need some help in this. I have found the .k**** file and able to extract some passwords from this file. However i don’t know what can all these passwords do to help me in my priv escalation?

I was struggling on this box as well. Priv esc was hard work, but finally got it.
@SleepyKaze You should think about the information you got and for what attack vectors you can use it.

Got root!

DM me for any hint :slight_smile:

got user priv and stable reverse meterpreter, found various interesting files, but unable to use them… could you please help me on priv esc?

How to download file?
I stuck in there…