WTF
this box was really greate > @gurbanli said:
Rooted. User part was difficult than root part. But root part was long
Hints:
Foothold: Abuse pi functionality with well-known OWASP attack and bypass WAF
User1: Enumerate with what you have in order to get what you need
User2: look who you are and which processes are running
User3: Reverse it
User4: Standard AD Attack with imp****
Root: Standard windows privilege escalation
this were all the hints that I needed I just want to add the initial foothold. You will need to write some scripts.
Thx I learned a lot!
PS: when you own this box you got the name