Resolute

I got the same issue @DeadFish could you pm me when you find the solution ? or any could nudge me please

Rooted, what a great box. Leant loads on this one so a massive thanks to the creator,

User hint : enumerate the obvious services and you will find some creds to use.

Root hint : This took me ages but look at the key service running on the box (the box name helps here) and the group membership of the user. Then google the service and how it can be configured from the command prompt. Dont give up on first attempt.

Enjoy.

Nugget!

Fun box, had a good time with it.

User: easy, just make sure you enumerate everything you can’t see.

I did root both ways, first method: Look at the users and groups they belong to. From there you can leverage yourself.
Second method: easy script, nothing to add.

Hit me up for more nudges.

C:\Windows\system32>whoami
whoami
nt authority\system

C:\Windows\system32>cd C:\Users\Administrator\Desktop
cd C:\Users\Administrator\Desktop

C:\Users\Administrator\Desktop>type root.txt
type root.txt

PM if you need help

I have been looking for hours and cant find any info for 2nd user. Any help/nudge is appreciated.

im on 2nd user trying to execute the next step to root and hitting a wall for hours. if anyone can check my syntax or provide nudges offline I’d appreciate it

EDIT: rooted. Thanks to the author, learned a lot on this box :slight_smile:

Finally Rooted…pheww

C:\Windows\system32>hostname && whoami
hostname && whoami
Resolute
nt authority\system

Ajjj! I have remote shell, user got, but dont know to try privesc

Anyone can PM me on the easy way to getting root? Rooted with the harder way, tried few modules for easy way, still couldn’t get it.

Just rooted the box. PM me for nudges.

Awesome box - learned a ton. Thanks @Pin3apple for pointing me in the right direction.

Rooted :slight_smile: Good box !

Anyone can PM me on the module of mt used ? Is it : exploit/windows/ll/d*_s***************d ?

Thanks

can you guys please nudge me on the privesc ?

rooted, that was such a cool box.

getting root really helped me understand how the technique and attack path works

Is it just me or is anyone else constantly losing connection to this box?

I’m in the last step!!! dont connect the reverse shell!! aaaaajjj thank you EvilT0r13 but I’m very dumb jajajajjajajajaj

Greetings,

I am stuck with root. I tried the it ssr way. dc loads the file when the service is restarted, but i get no reverse shell to my nc. I triple checked everything mentioned here, arch etc. Can someone pm me and take a took a look at the commands I am using?

EDIT: Well, apparently I am stupid. Got a connection to nc now, but the shell dies instantly. Any nudges on that?

EDIT2: root

rsolutd both ways :mrgreen:

I’ve been able to get user, stuck on getting a reverse-shell on privesc

  • i created the *ll file i need
  • configured the service correctly
  • *ns service restarted
  • file getting pulled from i*****et server
  • no reverse-shell !!

i even tried running my ll using run***2.exe to make sure it works and it does! but nothing from the *ns service.

nudges appreciated