ServMon

somebody deleted the hash than. Reset box to get it back…

Rooted! What a funny box. Getting user.txt was easy, yet getting root with the connection problems was a challenge. An advice I can give you is to be patient and try harder. And, if you find something interesting to get root, don’t follow all the steps, try to think a little bit outside the box. If you need a hint, just send a PM.

Hey guey, I pretty new to windows machines, so im lil bit stuck. I found 2 Net*****.log and host , hostname : ServMon and Domainename , could anyone help me with what particular file should i look for.

ROOTED!!
thanks to @neon45 for the nudges.
User is just a search away.
for root use the API and read the doc carefully. don’t struggle with the WEB UI
PM for nudges :slight_smile:

rooted now, thanks to all for the help and for your patience Pegasys14

Rooted. Combination of GUI fun and CLI fun. Refresh, refresh, refresh. Eventually it works.

i think anyone cant access the web page of ++ service
i can not get root with this way
someones reset again and again, someones bruteforce but they dont know ehat bruting for and machine get slower and slower again, really stressful minutes :angry:

Rooted. Found an easy way to reload modules via the webui. No need to reboot the machine. This one was pretty fun enumeration wise.

Feel free to PM for any nudges.

I can’t find the webui. Did you find using dirb or gobuster?

Type your comment> @haderach said:

I can’t find the webui. Did you find using dirb or gobuster?

I found the page.

No need to keep reseting the server if you can get to the UI. It was painful to do the last couple steps of this box.

I got the login page and password but the message is “403 Your not allowed”. WTF???

Is the box down?
Ping 10.10.10.184
8 packets transmitted, 0 received, +6 errors, 100% packet loss, time 7097ms
pipe 4

Type your comment> @haderach said:

I can’t find the webui. Did you find using dirb or gobuster?

it does not work try to access the web

Type your comment> @N00p said:

Type your comment> @haderach said:

I can’t find the webui. Did you find using dirb or gobuster?

it does not work try to access the web

I found the login page and password but the message is a error login. O.o
Any idea?

I’m at a certain point where I’m trying to understand the API and can’t seem to get my head around it. Can anyone PM me to help me get a sanity check? Thanks!

Type your comment> @neon45 said:

Type your comment> @ChuChuJelly said:

Is there a way to add a schedule without accessing GUI at all (I’ve never been able to load the login page as mentioned by a lot of people so trying the API route)? Or am I barking up the wrong tree here? Any hint would be appreciated :slight_smile:

@VbScrub said:
t> @ChuChuJelly said:

Is there a way to add a schedule without accessing GUI at all (I’ve never been able to load the login page as mentioned by a lot of people so trying the API route)? Or am I barking up the wrong tree here? Any hint would be appreciated :slight_smile:

This is where I’m stuck too :confused: I’ve got my script added to the server via API, and can execute it using the “test” command, but it seems to run as the current user rather than as the service account. So I’m assuming the only way to get it to do that is with the scheduler, but there doesn’t seem to be an API for that. Also looked at using the check_n***.exe to trigger it but can’t get that to connect even locally, and the config file suggests it is disabled anyway.

Read over the api section in the documentation and you will find the answer, i got stuck at the same point but taking a step back and reading the doc was how i found the right way to do what i wanted. Feel free to pm.

For those going the API route with their script uploaded but having difficulty running it - per the above comment… Go back and look at the API again. Maybe you skipped over a section. Don’t try and put something in your schedule for later, just 'Que’stion what you want.

Would anyone be able to help with root priv esc? I’ve spent so much time and I feel like I’m moving in circles. Even after s** t******** I am getting 403 and can’t seem to figure out API. Thanks :slight_smile:

Could someone please help with getting the initial password file. I’m completely struck. I’m pretty sure I know how to get root but finding these passwords is driving me mad.

System, with thanks to @csenox for the assistance.
A few tips:

  • The GUI is APaIn in the ■■■ and not necessary
  • RTFM (the correct part of it; think of what you’re trying to do with the exploit you found)

Good luck, have fun!