Official Blackfield Discussion

Rooted!
Well done to the creator @aas
PM me if need help!

I couldn’t copy the N–S/n–s.d** file out, anyone out there kind enough to give me some nudges?

Edit: Rooted the box. Thank you for everyone who have helped me along the way. Truly appreciate it :smiley:

I have the same problem as the LehAnne, I don’t know how to do that. I read how to copy the n–s.d-- but always got “you don’t have permission”. Could anyone give me some nudges?

Type your comment> @skate4ever said:

I have the same problem as the LehAnne, I don’t know how to do that. I read how to copy the ns.d but always got “you don’t have permission”. Could anyone give me some nudges?

You can’t do that directly, right? The user has some super powers to do that same thing in different way.

Type your comment> @gunroot said:

Type your comment> @skate4ever said:

I have the same problem as the LehAnne, I don’t know how to do that. I read how to copy the ns.d but always got “you don’t have permission”. Could anyone give me some nudges?

You can’t do that directly, right? The user has some super powers to do that same thing in different way.

I saw the privileges the user has, but I didn’t figure out how it works and my research didn’t bring any thing that help me.

Stuck getting any user info. I have managed to get active users but no further information. all scans and tools come back with minimal or access denied. Anyone has any tips or links to useful AD enumeration tools that would be great.

going to have to resort to asking for some tips if someone wouldn’t mind a PM. I’m knighted but can’t figure how to utilise my key to open the door. suffering tunnel vision…

Type your comment> @gunroot said:

Type your comment> @skate4ever said:

I have the same problem as the LehAnne, I don’t know how to do that. I read how to copy the ns.d but always got “you don’t have permission”. Could anyone give me some nudges?

You can’t do that directly, right? The user has some super powers to do that same thing in different way.

I found some links, but didn’t work for me always got error. I don’t know how to proceed.

Ok, sadly, time to ask for a hint, i’ve hit a wall with that first user’s creds (su****t) with which i can’t do much…

EDIT: got it. Turns out you probably have tried something that you think didn’t work.

Oh man, finally rooted. What a ride!
Big ups to @benn0, @TazWake , @rootSySdk & @zer0bubble for the nudges. I couldn’t have solved it by myself at all.

User1 : someone likes to be roasted

User2 : Something very new for me. I was stuck on this for a day. It has something to do with R*C and one of its functions.

User3 : If you’ve enumerated the common ports until now, the user name will be the biggest nudge here. Don’t be afraid to use your tools.

Root: Most difficult and annoying for me. The user3 has some special privileges. Google them and read the articles carefully. Don’t blindly implement what’s given. Go slowly as there is a lot to learn here. I gave myself a break just to gather my thoughts, and then boom!

Root is also frustrating as some things would just refuse to work. Find a way around them. Or ask for nudges!

Thanks @aas for this box!

Is anyone running into problems with enum4linux stopping midway through the users list? Mine keeps stopping using the creds for the first account with a user who starts with ‘Ru’ and I can’t get it to display everything. I tried Nessus and it looks like the third character of that username is a special character. Is there any way to make that work? The users first name is ‘RužA’

@tegdimyrgna said:

Is anyone running into problems with enum4linux stopping midway through the users list? Mine keeps stopping using the creds for the first account with a user who starts with ‘Ru’ and I can’t get it to display everything. I tried Nessus and it looks like the third character of that username is a special character. Is there any way to make that work? The users first name is ‘RužA’

The tool might be struggling with the amount of data it is getting back. You could try connecting and using ls to get the same results.

owned.

what a beautiful machine, kudos to @aas!

Learned a ton of new things and enjoyed the journey immensely.
Ping me for tips.

Just got the user flag. Fun box so far.

What are we supposed to do with all these random files from user2? Tried analyzing them but got nothing in both OS’s. Am I down a rabbit hole?

Type your comment> @user29 said:

What are we supposed to do with all these random files from user2? Tried analyzing them but got nothing in both OS’s. Am I down a rabbit hole?

Think memory forensics. What kind of files are in there and what can you pull from them with the right tool?

Can someone give me a nudge on root? I know the privs I have with the 3rd account but all the methods I’ve found to use those privs don’t seem to work.

Type your comment> @tegdimyrgna said:

Type your comment> @user29 said:

What are we supposed to do with all these random files from user2? Tried analyzing them but got nothing in both OS’s. Am I down a rabbit hole?

Think memory forensics. What kind of files are in there and what can you pull from them with the right tool?

Yeah, this is what I have been attempting, but the tool (updated) can’t detect a profile and basically never outputs anything. Have tried other tools which were less than useless.

Spoiler Removed

Wow, incredible machine, I learned a lot. root part was the most time consuming for me. If you need some tip PM me.