Official Blackfield Discussion

hmmm

have smaller list of users now. have credsā€¦ stuck on the never ending loop of enumerations :frowning:

Iā€™ve been able to use the creds in multiple places, but nothing super useful from the output yetā€¦

Type your comment> @panic said:

Iā€™ve been able to use the creds in multiple places, but nothing super useful from the output yetā€¦

so i am not on a rabbit hole then. that is reassuring. I think we are at the same placeā€¦ a few keyclicks (hopefully) from reaching next milestones.

EDITā€¦ that moment when you realize you had more than what you had. You were just to occupied elsewhere. facepalm

Same hereā€¦

So far, quite a pretty nice machine.
Got access to 2 users, but still no shell :smiley:
I can access some (a lot) interesting files, but the cat (and katz) is failing me, so far. Wondering if I should start throwing bigger lists with rules files against the juicy info I found. Or if I should rather look elsewhere.

I have first user and working on second. Just saw the thread.

Got the first flag, but cant find a way to get a shell. Is it necessary for the next step? Or still more smb enum??

EDIT: Forget it. A port initially close is now open

Got user! Fun box so farā€¦ now to challenge my Windows privesc skills (again)ā€¦

I know two users but not what to do with them. Could someone give me a little nudge please?

Just a thought, isnā€™t it good to have ā€œ[machine-name] - Official Discussionā€ as a thread name so itā€™s easy to find or recognize?. Honestly Iā€™m suggesting this because, it took me a while to find the thread for Blackfield. When we have more and more machines coming in the feature it will become more difficult imo.

i found bunch of empty files on one of S*b shares not sure if im in right place

Type your comment> @nav1n said:

Just a thought, isnā€™t it good to have ā€œ[machine-name] - Official Discussionā€ as a thread name so itā€™s easy to find or recognize?. Honestly Iā€™m suggesting this because, it took me a while to find the thread for Blackfield. When we have more and more machines coming in the feature it will become more difficult imo.

same :dizzy:

Spoiler Removed

I must be down a Rabbit Hole. Only found a list of user names via a SMB Shareā€¦still working out what I can probe and do.

Really stuck on this. only things I got so far are 2 (default) usernames and a list of shares. But I canā€™t connect to any of the shares. Hint would be appreciated ā€¦

Type your comment> @theonemcp said:

Really stuck on this. only things I got so far are 2 (default) usernames and a list of shares. But I canā€™t connect to any of the shares. Hint would be appreciated ā€¦

You should be able to connect to at least 1 share, and work from here after.

Really stuck as well. I have a huge list of usernames, but no idea how to use them, none of the things I tried worked. Any hints?

Spoiler Removed

Type your comment> @purplenavi said:

Really stuck as well. I have a huge list of usernames, but no idea how to use them, none of the things I tried worked. Any hints?

I think youā€™re the step behind me. Take that list and try "running " it against one of the lower ports. Should report back some ā€œvalidā€ users.

Now I have these users, trying to work out what to do with them.