Official Fuse Discussion

Hi.
ExxxxxtCxxcxx.exe end with a : “CreateProcess() failed”.
Anyone can help me please ?
EDIT : I did a mistake sorry.

Type your comment> @ericbosba said:

Hi.
ExxxxxtCxxcxx.exe end with a : “CreateProcess() failed”.
Anyone can help me please ?
EDIT : I did a mistake sorry.

Yes, the malicious thing didn’t load :slight_smile: 1st step is to load that :slight_smile: I had this error message earlier…

Thought I’d give a little tip for users as this had me running in circles for 2 weeks and only hit me in the face today.

  • if you use hosts for server resolution this wont help you.

can anyone give me a nudge i have found some usernames but after that i am clue less what to do next i have tried to find any password via L**P, even tried to brute force creds on S*B Nothing happen. just help me to point in right direction to proceed further.
Thanks

@parteeksingh said:

can anyone give me a nudge i have found some usernames but after that i am clue less what to do next i have tried to find any password via L**P, even tried to brute force creds on S*B Nothing happen. just help me to point in right direction to proceed further.
Thanks

Dont brute force the access, you can use a tool like hydra to find what you need but you have to pay attention to the output.

Then when you find the difference you can change it to what you need.

@TazWake I have tried but i didn’t find any difference in the output as you have mentioned. Something is still i am not able to catch from your hint.
Thanks for a nudge.

Working towards root myself. I guess I’m missing a part of enumeration.

Foothold wasn’t too bad. I should remember it’s quite common to provide new users with temporary business type formatted passwords.

@parteeksingh said:

@TazWake I have tried but i didn’t find any difference in the output as you have mentioned. Something is still i am not able to catch from your hint.
Thanks for a nudge.

Trying to be a bit more descriptive: You need a custom wordlist - there is a built in tool to create this if it helps.

Use this and your list of usernames, maybe with an alternative to hydra that works well on S**. Look at the responses and if you see something change, make a note of it.

@TazWake i found my mistake when creating custom word list just missed one switch.
Yup have found some passwords now

@parteeksingh said:

@TazWake i found my mistake when creating custom word list just missed one switch.
Yup have found some passwords now

Awesome work.

I could use a nudge re the foothold as well please:
I enumerated some users and I have tried to follow the comments on anonymous r******** -? with pretty much all commands related to the device that seems to be the center of attention on this box. The box keeps telling me, it wasn’t able to initialize two things and gives me nothing except denied access and a headache :slight_smile:

@Boelimaa said:

I could use a nudge re the foothold as well please:
I enumerated some users and I have tried to follow the comments on anonymous r******** -? with pretty much all commands related to the device that seems to be the center of attention on this box. The box keeps telling me, it wasn’t able to initialize two things and gives me nothing except denied access and a headache :slight_smile:

@TazWake Thanks.

can someone give me a nudge on the foothold? i have generated a wordlist using the usernames I found, however its like 2k words and i don’t feel comfortable brute forcing with a list that huge
EDIT: I’m DUMB… was using a completely incorrect tool

root@kali:~# nc -nvlp 4444
listening on [any] 4444 …
connect to [10.10.16.4] from (UNKNOWN) [10.10.10.193] 51736
Microsoft Windows [Version 10.0.14393]
(c) 2016 Microsoft Corporation. All rights reserved.

C:\Users\svc-print\Desktop>whoami
whoami
nt authority\system

Thanks to @SanderZ31 for their help!
Feel free to drop a PM if you need help :slight_smile:

Think I’m missing something critical in my initial enumeration. I’ve manually compiled a user list and investigated that particular software for possible foothold information but no joy. I’m guessing I’m missing a word/words off a list so I’m not seeing everything there is available…

@Larhten said:

Think I’m missing something critical in my initial enumeration. I’ve manually compiled a user list and investigated that particular software for possible foothold information but no joy. I’m guessing I’m missing a word/words off a list so I’m not seeing everything there is available…

Double-check the output of whatever tool you are using.

Rooted… Had way more trouble getting a foothold than finding a privesc vector. I managed to compile ELD****, but as other mentioned I wasn’t getting any output? I tried the next step after and it worked, but it’s hard to say if it’s because everything was already loaded form others.

Can someone help me out with foothold? I found credentials but it says they expired. A bit stuck on what to do with them…

edit: nvm, found a use for them

When I try to load driver I get NTSTATUS: c000003b STATUS_OBJECT_PATH_SYNTAX_BAD error (as user s**-p****).
I compiled loader myself. Anyone knows why is that? I used full path to the c*m. file.
I suspect reg path is somehow wrong (Loading Driver: ???????\S-1-5...but don’t know why?