@Skullsec said:
Someone can give me a hint about how I get access to the machine? I’ve found ------- but I don’t know how to access. Help a noob, please haha…
Dont forget you can do simple things to see what ports do. Like netcat to it and send it a hello. See what it says. Sometimes they respond and tell you what they are.
@Skullsec said:
Someone can give me a hint about how I get access to the machine? I’ve found ------- but I don’t know how to access. Help a noob, please haha…
Dont forget you can do simple things to see what ports do. Like netcat to it and send it a hello. See what it says. Sometimes they respond and tell you what they are.
Yeah, I used nc to enumerate the service in the port, but I still missing something 'cause I don’t have success…
@Skullsec said:
Someone can give me a hint about how I get access to the machine? I’ve found ------- but I don’t know how to access. Help a noob, please haha…
Dont forget you can do simple things to see what ports do. Like netcat to it and send it a hello. See what it says. Sometimes they respond and tell you what they are.
Yeah, I used nc to enumerate the service in the port, but I still missing something 'cause I don’t have success…
As always, then enumerate more. Write notes, link up together what you find (KeepNote is a great program for that purpose).
Enumration is firstly do a nmap. Then write down the open ports and which programs are running there, if possible, which Version they have.
Look to which ports you have access without restriction.
Dirbust web Services (the dirbuster lists are good to start, also SecList has some good lists).
Write down what you find. Enumerate.
Jeeves was really a nice trip, IMHO. Don’t ruin the trip for yourself and spoil you.
@Skullsec said:
Someone can give me a hint about how I get access to the machine? I’ve found ------- but I don’t know how to access. Help a noob, please haha…
Dont forget you can do simple things to see what ports do. Like netcat to it and send it a hello. See what it says. Sometimes they respond and tell you what they are.
Yeah, I used nc to enumerate the service in the port, but I still missing something 'cause I don’t have success…
As always, then enumerate more. Write notes, link up together what you find (KeepNote is a great program for that purpose).
Enumration is firstly do a nmap. Then write down the open ports and which programs are running there, if possible, which Version they have.
Look to which ports you have access without restriction.
Dirbust web Services (the dirbuster lists are good to start, also SecList has some good lists).
Write down what you find. Enumerate.
Jeeves was really a nice trip, IMHO. Don’t ruin the trip for yourself and spoil you.
Can I pm you? I don’t want a spoiler, just learn how to explore this machine. I feel some difficult to gain access.
@b1narygl1tch said:
Could someone give me a hint what to do with hash/password from CEH.kdbx? I tried the password on smb and Administrator, but I had no success.
I can’t escalate privileges. Enumerated services, folders, files etc. No idea
Is this file useful for priv esc? I found it and cracked it, but I don’t know what to do with it. I’m stuck in priv esc and don’t know where else to go. I already have a meterpreter session running, but can’t get system or dump hashes. Any help would be welcome.
Pass by any data that might be useless and isolate the outliers and identify them. The clarification of where it comes from and its use cases might be worth noting. Hash values can be identified based on certain attributes.
Got Admin, can’t find root.txt or any file that can’t contain the flag. Tried listing hidden files with multiple commands, mainly in Desktop. There are only .lnk .txt and one .ini …