Stuck for root. I would appreciate a nudge... I can guess the last part, but cant find if we have to privesc before being able to exploit it, or if we should be able to exploit it with our actual user... Of if some are stuck at the same place and want to share idea!
Thx!
Edit: Rooted, I was overcomplicating a lot.... trying to take a shortcut.. Cool box!
great. staring at a user.txt yet it says it is not the right flag. Dynamic flags, great to prevent sharing, frustrating that sometimes the box needs to be reset just so you can claim...
Edit: so i thought it was becauae the box was jacked up... so i reset the box, reset my machine. now i can't connect to it at all GAAAAH 1 step forward 3 steps backwards!
interesting box.
so far I have found list of users > @gverre said:
Stuck for root. I would appreciate a nudge... I can guess the last part, but cant find if we have to privesc before being able to exploit it, or if we should be able to exploit it with our actual user... Of if some are stuck at the same place and want to share idea!
Thx!
EDIT: There is a lot more "taker" than "giver" in this forum....
interesting box.
so far I have found list of users > @gverre said:
Stuck for root. I would appreciate a nudge... I can guess the last part, but cant find if we have to privesc before being able to exploit it, or if we should be able to exploit it with our actual user... Of if some are stuck at the same place and want to share idea!
Thx!
EDIT: There is a lot more "taker" than "giver" in this forum....
interesting box.
so far I have found list of users > @gverre said:
Stuck for root. I would appreciate a nudge... I can guess the last part, but cant find if we have to privesc before being able to exploit it, or if we should be able to exploit it with our actual user... Of if some are stuck at the same place and want to share idea!
Thx!
EDIT: There is a lot more "taker" than "giver" in this forum....
For 70 nudge request, i got 0 nudge offer! :-)
that is true
THIS!
???
I got 3 users and a password which I cracked but don't know where to use them
Foothold: Basic enumeration. Having discovered "those directories", search for attacks related to that gigantic, three-headed dog
User: What file would be useful in a conventional Windows host exploitation?
Root: Who are you?
If the flag is not working... yes, reset the box. There is no "fake" flag or something like that. o/
Got creds for s*****t account, have done extra enum with it, but nothing usable came out of it yet. Probably overlooking something, again...
Nice box ;-)
I'm off to bed now. God luck to you!
I'm stucked here too. I tried connecting to the shares (with this creds) but nothing useful info.
Got creds for s*****t account, have done extra enum with it, but nothing usable came out of it yet. Probably overlooking something, again...
Nice box ;-)
I'm off to bed now. God luck to you!
I'm stucked here too. I tried connecting to the shares (with this creds) but nothing useful info.
Same. Cannot find a place to use these creds... Taking a break from it for tonight.
Very fun experience so far
I love helping newcomers. If you send a message, include the things you already tried.
Please be patient for replies, I do my best to reply to everyone.
Rooted! Really cool box, one of the easier of the "hard" ones I would say. Although getting from user1->user2 in the enumeration phase tripped me up a bit.
I could use a nudge from s**_b***** to Admin.
I've only found one service to use this user on. All other attempts to use the creds has failed. I know why I can't get the shell but just not sure where to go from here atm.
Comments
Type your comment> @purplenavi said:
I think you're the step behind me. Take that list and try "running " it against one of the lower ports. Should report back some "valid" users.
Now I have these users, trying to work out what to do with them.
Finally got user and learned new things. If you need a nudge let me know! Now on to root!
Edit: Rooted!
Is there any brute-forcing necessary or am I missing something?
Edit: Asking about the very beginning.
Edit2: Nevermind. Sometimes it's important to notice that things actually worked
Stuck for root. I would appreciate a nudge... I can guess the last part, but cant find if we have to privesc before being able to exploit it, or if we should be able to exploit it with our actual user... Of if some are stuck at the same place and want to share idea!
Thx!
Edit: Rooted, I was overcomplicating a lot.... trying to take a shortcut.. Cool box!
Got user! Kudos to @TheT3rminat0r for tips!
great. staring at a user.txt yet it says it is not the right flag. Dynamic flags, great to prevent sharing, frustrating that sometimes the box needs to be reset just so you can claim...
Edit: so i thought it was becauae the box was jacked up... so i reset the box, reset my machine. now i can't connect to it at all
GAAAAH 1 step forward 3 steps backwards!
I had this user flag issue but reset the box and got my flag successfully, Now to move on and tackle root.
Edit: Rooted! Had to reset the box and get a fresh root flag as I experienced the incorrect flag error on both my flags.
Spoiler Removed
interesting box.
so far I have found list of users > @gverre said:
that is true
Type your comment> @idevilkz said:
THIS!
BTW, danggggg. Great box !
Got a cred and trying to figure out what I can do with it.
Maybe I'll have to go to a Windows machine lol ... (pywerview and bloodhound.py is a little bit limited
)
EDIT: Nvm... bloodhound.py did the job. My bad.
OSCP | CRTE | Pentest+ | DCPT
Type your comment> @zer0bubble said:
???
I got 3 users and a password which I cracked but don't know where to use them
Going through the --- shares of the first user with no luck!
Any nudges for the second user please?
EDIT : got a free user. That makes it two lol
rooted. Thanks @gverre and @TheT3rminat0r for user nudges.
very fun and educational.
Spoiler Removed
I'm very sorry. Wasn't aware I gave away too much. My apologies.
https://www.hackthebox.eu/home/users/profile/74337
Rooted! Nice box! ^_^
My tips:
Foothold: Basic enumeration. Having discovered "those directories", search for attacks related to that gigantic, three-headed dog
User: What file would be useful in a conventional Windows host exploitation?
Root: Who are you?
If the flag is not working... yes, reset the box. There is no "fake" flag or something like that. o/
OSCP | CRTE | Pentest+ | DCPT
or change the VPN server. works for me
nudge for root pls 
stuck on last step....
managed to get the admin hash.. but cant login?
Type your comment> @Wrebra said:
I'm stucked here too. I tried connecting to the shares (with this creds) but nothing useful info.
Same. Cannot find a place to use these creds... Taking a break from it for tonight.
Very fun experience so far
I love helping newcomers. If you send a message, include the things you already tried.
Please be patient for replies, I do my best to reply to everyone.
Rooted! Really cool box, one of the easier of the "hard" ones I would say. Although getting from user1->user2 in the enumeration phase tripped me up a bit.
Thanks!
Type your comment> @purplenavi said:
Me too...
I came up with a custom script to scan all their "profiles" but got nothing...
Anyone could nudge, please?
I could use a nudge from s**_b***** to Admin.
I've only found one service to use this user on. All other attempts to use the creds has failed. I know why I can't get the shell but just not sure where to go from here atm.
is anyone else having a problem logging into the machine?
okay so nmap mislead me but i have what i need i just dont know where to use it
Found one user pretty quick,
not much access with this user.
Tried s*b and ldaps****
Evil tool returns access denied.
Enumerate more (I get it) but a nudge of direction would be appreciated
Always happy to help others. 100% human
https://www.mindfueldaily.com/livewell/thank-you/
*Evil-WinRM* PS C:\Users\Administrator\Desktop>[System.Security.Principal.WindowsIdentity]::GetCurrent().Name; hostname BLACKFIELD\Administrator DC01What an amazing box thanks @aas for it
enumeration nudge please....anyone anyone.
Have a big list and 2 default users. saw the shares but not much access for the spots i attempted to enumerate.
Edit: A tool that didnt do anything before worked the second time. thanks peeps
I have the knight in shining armor, now what? Nugde please
FINALLY.... Rooted this thing... Thanks for the help those that sent me nudges.
What a frustrating ride that was!