@sniper1777 said:
ok, so i’ve tried Removed Spoilers and
still no success. Am I along the right lines with any of these? P.S i’ve gotten user access
I just need to escalate. Thanks for the help again
Im still really struggling with this i’ve tried the Removed Spoilersas an x64 powershell module imported then ran Removed Spoilers, which says success you have achieved system, however it doesn’t actually work :/. I’m using X64 meterpreter session too any rough help??
I am also stuck at the exact same place…
Finally done it, I know how frustrating it can get, Look up Removed: Spoilers. Thank god for that two solid days it’s taken!
P.S I hope i’m allowed to post these hints, delete if inappropriate admin.
Hi guys, I have followed all your recommendations, I have the session on the right architecture but once I run the port recon it doesn’t show up any compatible plugging. any clue which will help to to escalate my privilege?
To own the optimum you should be good at code review.
hint:
1} Know what exploit does
2} Change what’s needed
3} Run exploit on machine
4} Bingooo…!!! you own the machine
i’m not sure what i was doing wrong, i got system few seconds ago with the same exploit, same arch, same payload that i was trying at the begin for two days with no success
Optimum is a fun simple machine to start with, get all the information about it jump on google and boom, what you need is there modify it and run the bad boy.
hey there! i’m totally stuck with this one. like so many others, i easily managed to own the user but can’t figure out how to escalate privs. the problem is i can’t even confirm if i’m on the right track since my meterpreter sessions always dies when running local exploits. i gave the exploit suggester a shot but the session dies before it finishes, so i’m basically down to trial and error. can someone gimme a hint on how to get my session stable? i’m aware of the x64 arch and stuck to x64 payloads and exploits, but to no avail.
@horrorshow1984 said:
hey there! i’m totally stuck with this one. like so many others, i easily managed to own the user but can’t figure out how to escalate privs. the problem is i can’t even confirm if i’m on the right track since my meterpreter sessions always dies when running local exploits. i gave the exploit suggester a shot but the session dies before it finishes, so i’m basically down to trial and error. can someone gimme a hint on how to get my session stable? i’m aware of the x64 arch and stuck to x64 payloads and exploits, but to no avail.
if you are using proper x64 payload,meterpreter and exploit, everything will be perfect and it will work like a charm. If you still cant do it, I suggest you try harder more and PM me then
So, I’m stuck with priv escalation. I tried by myself and it always got stuck, so went and checked the video from ippsec and the writeup and using metasploit it always get stuck with exploit completed, but no session created? what can i do?
I don’t, but I’ve followed the write-ups precisely, made sure all my payloads and targets are set for x64, and it always says “Exploit completed, but no session was created.”
I can get user on this box, but I am pretty sure the original image was modified after it was retired. Not sure why??? but you cannot follow @ippsec videos or any other walk-through for that matter since you can’t run IEX, or even powershell. Pretty frustrating…
I can’t get a ping response using %00{.exec|ping myip} in Wireshark? it is listening to the right interface and I am pressing forward in Burp ARGH it is so frustrating…I get TCP etc. Also wireshark does show ICMP. I also tried the encode that IPPsec uses later…I am so mad at this box for not working for me like it does everyone else.
I don’t know if the processor has multiple cores , my google-fu needs more work, but it definitely doesn’t have a x64 powershell. It doesn’t even have a \SysNative directory to put it into. There are 4 powershell.exe programs: 2 in the normal x86 folders of \System32 and \SysWOW64 and 2 others in subfolders of \WinSxS.… with really long filenames that the system didn’t like me trying to run them.