Cascade

@htbuser01 said:
At first sight I did not really like that box but after the first step was done - just awesome how it all comes together! Thanks @VbScrub for the machine!!

Good to hear you changed your mind :slight_smile:

Rooted. Was fun!

Wasted so much time on the foothold by querying a higher port because a lower port initially timed out. The information you need is not present in that higher one. Don’t make my mistake.

Secondly, a certain cook gave me a meal that wasn’t 100% what I ordered. Don’t know why but if you notice the dot, just guess what they missed. Props to @TazWake for helping clarify that.

Thanks @VbScrub!

Ahahaha. Got root. I am so stupid with Windows boxes :relaxed:
User is easy, but u need to keep the chain in mind
ROOT!:
So, when u got all info, users and know all about this box, check who u are, what u can and use one powershell command which has a special argument for the parameter.
Good luck and thanks to @VbScrub !

is there something to read on that reg or im messing somthing

And that is Root!

Wow @VbScrub , again you have created a brilliant box that teaches you so much and takes you on a real journey; I really appreciate the effort you put in to these!

I’m still not sure though, did I enjoy Nest more than Cascade??? :slight_smile:

Absolutely brilliant, keep going mate, looking forward to the next one.

Thanks go to @gluonsrgreat and @metuldann for keeping me sane!

Rooted.
Thanks @VbScrub, good box, hope you will release other medium boxes.

@phycomp & @Gand3lf

Thanks for the kind words :slight_smile: and yeah more boxes coming soon

@VbScrub Thanks for this box, I’ve learned a tonne of stuff.
I did find your previous AD box tougher, but that was first my introduction to both pentesting and AD and I had chosen an ‘easy’ box for my first box. Looking forward to your next boxes!

Got User.txt, quite a journey :smiley: Only seeing black and white after that.
Root will be quite difficult to me if there is only the RE way…

Type your comment> @MrZulu said:

@VbScrub Thanks for this box, I’ve learned a tonne of stuff.
I did find your previous AD box tougher, but that was first my introduction to both pentesting and AD and I had chosen an ‘easy’ box for my first box. Looking forward to your next boxes!

My previous box (Nest) wasn’t anything to do with AD and didn’t have it installed, maybe you got it confused with another one? I know some people thought I made the Sauna box just cos I started the thread on it, but that wasn’t mine :slight_smile:

Nice box! Great work, love your AD stuff.

Happy to assist PM’s

Type your comment> @VbScrub said:

Type your comment> @MrZulu said:

@VbScrub Thanks for this box, I’ve learned a tonne of stuff.
I did find your previous AD box tougher, but that was first my introduction to both pentesting and AD and I had chosen an ‘easy’ box for my first box. Looking forward to your next boxes!

My previous box (Nest) wasn’t anything to do with AD and didn’t have it installed, maybe you got it confused with another one? I know some people thought I made the Sauna box just cos I started the thread on it, but that wasn’t mine :slight_smile:

Oh, yes I did nest too. Apologies, I was thinking about forest. Either way, keep up the good work. I look forward to the next challenge!

Just read my notes on Nest. What a wild ride that box was!

I did it. I have to say that your @VbScrub machines are the most complex for me but they are quite satisfactory.

@VbScrub you love them dotnet apps dont you lol
i just wanna say thanks bro for this box i really enjoyed it …
love your youtube channel too…
keep on…
owned!

Thank @VbScrub , very pretty machine !

All nudge are in the forum, you read you find something !
I was blocked in one step because i have no idea which tool use but it was ok. Very smart the last step of root !

If you feel very stuck you can Pm :slight_smile:

@HolyShift said:
@VbScrub you love them dotnet apps dont you lol

Can you tell VB.NET is the only language I know :lol:

Literally still have no idea what to do, gotta #tryharder .

Very nice and straight forward box, was real fun. Thanks @VbScrub
Learned again something new about AD.
Initial foothold:
pay close attention for what you get from one of the typical AD ports, I’ve overseen it more than once as it’s “hidden in the crowd”
User:
Do some thorough enumeration with the access you got from above and you get another access
Root:
After user do again some more usual enumeration with what you can do now to get the 3rd user access. Use this wisely with something only this user is able to do. Do some googling and you get everything you need. Put this altogether with some enumeration results you found on the way here and finally get root.txt.
As always: PM for hints

done!

Very good machine!

@VbScrub loves put some code inside the challenge the hint here is, you can stop and view the content.

Thanks for the challenge.

Spoiler Removed