Official Blackfield Discussion

Same here…

So far, quite a pretty nice machine.
Got access to 2 users, but still no shell :smiley:
I can access some (a lot) interesting files, but the cat (and katz) is failing me, so far. Wondering if I should start throwing bigger lists with rules files against the juicy info I found. Or if I should rather look elsewhere.

I have first user and working on second. Just saw the thread.

Got the first flag, but cant find a way to get a shell. Is it necessary for the next step? Or still more smb enum??

EDIT: Forget it. A port initially close is now open

Got user! Fun box so far… now to challenge my Windows privesc skills (again)…

I know two users but not what to do with them. Could someone give me a little nudge please?

Just a thought, isn’t it good to have “[machine-name] - Official Discussion” as a thread name so it’s easy to find or recognize?. Honestly I’m suggesting this because, it took me a while to find the thread for Blackfield. When we have more and more machines coming in the feature it will become more difficult imo.

i found bunch of empty files on one of S*b shares not sure if im in right place

Type your comment> @nav1n said:

Just a thought, isn’t it good to have “[machine-name] - Official Discussion” as a thread name so it’s easy to find or recognize?. Honestly I’m suggesting this because, it took me a while to find the thread for Blackfield. When we have more and more machines coming in the feature it will become more difficult imo.

same :dizzy:

Spoiler Removed

I must be down a Rabbit Hole. Only found a list of user names via a SMB Share…still working out what I can probe and do.

Really stuck on this. only things I got so far are 2 (default) usernames and a list of shares. But I can’t connect to any of the shares. Hint would be appreciated …

Type your comment> @theonemcp said:

Really stuck on this. only things I got so far are 2 (default) usernames and a list of shares. But I can’t connect to any of the shares. Hint would be appreciated …

You should be able to connect to at least 1 share, and work from here after.

Really stuck as well. I have a huge list of usernames, but no idea how to use them, none of the things I tried worked. Any hints?

Spoiler Removed

Type your comment> @purplenavi said:

Really stuck as well. I have a huge list of usernames, but no idea how to use them, none of the things I tried worked. Any hints?

I think you’re the step behind me. Take that list and try "running " it against one of the lower ports. Should report back some “valid” users.

Now I have these users, trying to work out what to do with them.

Finally got user and learned new things. If you need a nudge let me know! Now on to root!

Edit: Rooted!

Is there any brute-forcing necessary or am I missing something?

Edit: Asking about the very beginning.
Edit2: Nevermind. Sometimes it’s important to notice that things actually worked :neutral:

Stuck for root. I would appreciate a nudge… I can guess the last part, but cant find if we have to privesc before being able to exploit it, or if we should be able to exploit it with our actual user… Of if some are stuck at the same place and want to share idea!

Thx!

Edit: Rooted, I was overcomplicating a lot… trying to take a shortcut… Cool box!

Got user! Kudos to @TheT3rminat0r for tips!