This is getting ludicrous. Are we expected to reset a box, once we got user, just to get a fresh hash?
Got user, submitted the hash within 5-10s and got invalid. The Machine was NOT reset during those few seconds, since my session is still valid (and I didn’t see anything related in the shoutbox).
Now, even after resetting the machine, the hash is the same and invalid
If you got it once, just get it again. It’s actually good that they are doing this so people aren’t passing out hashes.
This is getting ludicrous. Are we expected to reset a box, once we got user, just to get a fresh hash?
Got user, submitted the hash within 5-10s and got invalid. The Machine was NOT reset during those few seconds, since my session is still valid (and I didn’t see anything related in the shoutbox).
Now, even after resetting the machine, the hash is the same and invalid
If you got it once, just get it again. It’s actually good that they are doing this so people aren’t passing out hashes.
I was basically just ranting/venting, since it’s pretty annoying that one has to sometimes issue several resets before the hash gets renewed and accepted
@dakkmaddy said: @VbScrub I hope you are not getting tired of complements, you are about to get another. Cascade is one of the best boxes I have done. It is realistic, well planned, and the enumeration chain is brilliant. You are a true credit to this community.
haha thanks, and don’t worry I’m not tired of compliments yet :lol:
Rooted. Great box. You learn the essentials of manual enumeration, note-taking and chaining exploits together while doing this box. Thanks to @VbScrub for the experience and nudges. Looking forward to the next one.
rooted! very cool box with a lot of manual enum at the beginning that is easy to miss without patience. Thank you @VbScrub
I will say between this box and the last one from this author, you really need to have a Windows VM running with a special spy tool installed in order to get through the homegrown RE steps. If anyone knows how to do the 2nd to last step on this box a different way, I would like to know!
I found an interesting v** ******er.r file and I believe I cracked what I needed from it, the only issue I am having is utilizing it… Can someone help give me a push over the cliff?
I found an interesting v** ******er.r file and I believe I cracked what I needed from it, the only issue I am having is utilizing it… Can someone help give me a push over the cliff?
There is a tool in github for cracking the hex, do remove the commas and use the tool to decode the password… And Use that password to log in as user s.****h with evil
Rooted. Awesome box. manual enumeration, must take notes and significant lateral movements. RE part is little confusing for me because lack of RE. Thanks to @VbScrub for the experience and nudges.