I can no longer connect to winrm. Took a couple weeks off the box so perhaps something was changed, or maybe something wrong on my end? I have the valid user/pw combo for the two users and previously had been using the evil tool to connect to the box successfully (with both the aforementioned users). Just trying to work on root privesc.
I reset the box a couple times to no avail. If someone knows what’s up please shoot me a msg, thanks.
I can no longer connect to winrm. Took a couple weeks off the box so perhaps something was changed, or maybe something wrong on my end? I have the valid user/pw combo for the two users and previously had been using the evil tool to connect to the box successfully (with both the aforementioned users). Just trying to work on root privesc.
I reset the box a couple times to no avail. If someone knows what’s up please shoot me a msg, thanks.
I can confirm the evil tool is still working to connect as I have been using it all day trying to get root.
I can confirm the evil tool is still working to connect as I have been using it all day trying to get root.
Thanks for letting me know, maybe it has to do with me switching servers earlier in the day.
EDIT:
Haha, wow. Note to self. Take better notes and thoroughly read the help blurb for tools. Was using -ip flag for the ip instead of -i. YEEEESH! Anywho, crisis averted.
Hummm I’m completely stucked here…
I think I shall upload a payloaded d-- and compromise the d–c-d program, but, no matter how I generate the payloaded d-- with m–v—m, the AV keeps detecting it.
Any word of advice by PM, pleeease?
I think im in the same boat as you. Cant seem to get my privilege escalation to work. How do you know its the AV that keeps detecting you? Is there something you are checking or see that states the AV picked it up?
Hey!
My d-- files keeps being deleted… so… there’s a really funny user, or, more likely, the AV is cathing the payloaded d–, no matter what I try.
The user.txt has been challenging because I didn’t enumerate enough initially
The root part has been super easy once found the right ms*t module!
By the way, I also tried the D** Inj******* method but had troubles with the AV; I’d be really interested if someone could please explain how to bypass it…
When i run d*md command it does not contact my smbserver do not know why but stuck here. I have everything to get root but can’t get my D to resolute. Any help would be very much appreciated.
Hey all!!
I can’t get my privilege escalation to work and i don’t know why, i did :
d** in through dd ,payload generated with mm.Everything seems working normally but it just doesn’t give m*** user the access :neutral: . Any help please ??
Rooted it now. I tried the same technique for privesc several times and it didn’t work at first but after the 7th or 8th time it worked out. Does anybody know why?
I have access to the machine with the user m… and read on some post here they needed to search on C:\ but I don’t know what to look for… Can you give me some tips
Rooted, what a great box. Leant loads on this one so a massive thanks to the creator,
User hint : enumerate the obvious services and you will find some creds to use.
Root hint : This took me ages but look at the key service running on the box (the box name helps here) and the group membership of the user. Then google the service and how it can be configured from the command prompt. Dont give up on first attempt.
User: easy, just make sure you enumerate everything you can’t see.
I did root both ways, first method: Look at the users and groups they belong to. From there you can leverage yourself.
Second method: easy script, nothing to add.
C:\Windows\system32>whoami
whoami
nt authority\system
C:\Windows\system32>cd C:\Users\Administrator\Desktop
cd C:\Users\Administrator\Desktop
C:\Users\Administrator\Desktop>type root.txt
type root.txt
im on 2nd user trying to execute the next step to root and hitting a wall for hours. if anyone can check my syntax or provide nudges offline I’d appreciate it