ServMon

Type your comment

Type your comment

Type your comment

@VINDICATOR said:
Type your comment"KNOX"

someone’s script went wrong :lol:

@VbScrub said:

someone’s script went wrong :lol:

Hey, bots have to bot…

Owned user. My tip for the initial foothold…once you find something…you’ve found something lol

As vague as that is, just try what you find.

Finally got this rooted…user was pretty easy.
Root was a pain as the box looked to be getting reset often.
Used the shiny metal web option, took a bit of reading and several attempts to get right.

the best advice for root I found here, is to abandon the web interface method.
the documentation is totally sufficient to proceed, good luck guys!

@Everlastdg - I support the recommendation, I gave up on the web interface and managed to get nt authority once the machine decided to stop playing silly b*ggers!

I cant seem to get the ini file for the password. Is it in a special folder?

I’ve got the bits and can see what it’s supposed to do…just not sure how to do it.
Would “visible studios” help me at all?

Done machine, really clunky at times, but good enough to push through it, anyone who needs help with it, can PM saying what you have tried.

C:\Users\Administrator\Desktop>whoami
nt authority\system

C:\Users\Administrator\Desktop>ipconfig
ipconfig
Windows IP Configuration
Ethernet adapter Ethernet0 2:
   Connection-specific DNS Suffix  . : 
   IPv6 Address. . . . . . . . . . . : dead:beef::18ed:7b41:aba8:7c59
   Temporary IPv6 Address. . . . . . : dead:beef::38fc:ce2a:99af:d19
   Link-local IPv6 Address . . . . . : fe80::18ed:7b41:aba8:7c59%3
   IPv4 Address. . . . . . . . . . . : 10.10.10.184

Noob here; could use a nudge. I have C****.txt and P****.txt. Tried to used them on ftp and SSH. What am I missing. Please send nudge via PM. thx

@Klink said:

Noob here; could use a nudge. I have C****.txt and P****.txt. Tried to used them on ftp and SSH. What am I missing. Please send nudge via PM. thx

Depending on what C****.txt and P****.txt are, it might be worth double-checking how you are trying to use them.

Don’t be like me. When I was first poking around I interpreted the result I got poking in the obvious place as a pair of headers rather than a result. Oops, that wasted a bunch of time.

This box is making my eye twitch, tunnels were working, UI was up and running, tried making a change to run my special sauce and then boom out of nowhere the service died. Frustrating beyond belief.

Rooted the box using the API…

Anyone can give me idea how it can be completed with GUI? Please PM!!

Anyone get a PR_End_of_file_error? I tried a bunch of variations…could someone pm me please? Not sure if I’m using the tunnel wrong or if there is a separate issue. Thank you

Stuck on root. Used a portion of a vulnerability from exploit-db to GET user, then found a way to use the credentials on some low hanging fruit to get myself logged in. I can do stuff, but nothing with admin creds. Tried some sneaky tricks like transferring a reverse shell over and trying to execute it but don’t have sufficient rights as the user I’m logged in as. Searching the forum I understand I need to exploit the a service but using an API. I found a manual pertaining to the service I used the exploit-db POC to get my user foothold with but it doesn’t mention an API anywhere in that manual. I see one other “higher” service of interest but not having any luck. Any nudges would be greatly appreciated.

@bamafan1981 said:

Any nudges would be greatly appreciated.

Google the service name and API - you should get a link to some good documentation.