Rooted this box in both ways (TV and US) , learned a lot of new things! great stuff
got the user,
any hint for rooting will be helpful
Can someone send me a PM on how to root this the āRemoteā way.
I done it the U***** way.
Thanks
Took the T.V route in the end.
This box was not easy for me (blue teamer)
Someone mind pointing me in the right direction? I have RCE via a U******.** exploit but Iām trying to .NET a reverse shell but I canāt get it to work. Thanks in advance!
Nice box! Really trying to learn more windows and this was easy enough for me, but still learned alot
I had to use metasploit on this one doing the TV-way, anyone did it that way manually? Please PM me if so!
Hello, someone else have problem with submit flags ? Iām have user and root flag and when i send flags from panel get āwrong flagā. Someone has an idea how to solve the problem?
Well this box took me longer than it should have, I spent way too much time looking for a working unauthenticated exploit for U****** because I foolishly overlooked the N** port when I struck out trying to enum S**.
Even once I found the N** port, it took me ages to find the creds for U***** because I all the tools I tried to open the .S** file with said it was corrupted. I swear when I tried strings the first time the creds didnāt even come out, was only when I went back and tried again hours later than I found them :-/
Once you get access to U*****, the rest is easy, only takes a bit of googling and some enum.
Can anyone give me a nudge? I got in to the box and am having issues with root. Iāve tried messing with Ucā¦and can stop it, but canāt start it to make it work. I think a .dll has been removed to prevent this. PUp shows it useable modifiable. Decided to go TV route. I found a hash that came out to be r3_****n. Found a nifty python script to crack the hash. Tried an evil method with that password but no joy. Thought maybe I would reroute the service back to myself and use the app on my host machine, but discovered that the app needs internet service inorder to work without reconfiguring. Havenāt been able to figure out how to reconfigure it using IP via command line. Anyway, any hints are appreciated. Thanks!
EDIT: Got root! Thanks HomeSen for showing me what I was already seeing and not realizing itā¦ Learned some new things about how to view in pshell! And learned a nice bit of bash too!
PM for nuggets
I have rooted this box. But I would to know if there is anyone Rooted via SpersonateP*? Drop me msg. I would like to know how.
I donāt know why people on Free Servers just keep on Resetting the Box ā¦!
Itās Not even 1 min. Past the Last reset and Resetting the Box. Just canāt even Enumerate.
Hi all, I had the cred for umbraco able to login in etc and the password keeps changing? Is someone doing that on purpose or is ment to be like that?
Type your comment> @piolug93 said:
Hello, someone else have problem with submit flags ? Iām have user and root flag and when i send flags from panel get āwrong flagā. Someone has an idea how to solve the problem?
I seem to be having the same problem. I found the user flag, but it wonāt accept it.
Rooted this one, no longer a āscript kiddieā
Iām definitely way more familiar maneuvering around Linux machines; helps quite a bit to watch some @VbScrub and @ippsec videos!
At some point Umbraco broke: i canāt login no more (blank page after valid creds), CRE is not working anymoreā¦ seems like the app is broken. Reset wont workā¦ The machine is about to be shutdownā¦ can somebody do something with this machine?
Finally rooted! User was fairly easy but admin took quite some time.
I found the U***** path first however I couldnāt get it to work at the very last stage, if anyone succeeded with this method please let me know I think I must have done something wrong.
TV was was pretty straightforward but I wasted a lot of time trying to get a meterpreter shell on the box, in the end I had to do it manually thanks to a hint from @HomeSen but it wasnāt too hard.
Feel free to PM for hints.
Why the ā ā ā ā people cannot stay without changing the flag?
.
I got the user, any tip for the password? i got some files with hashes, can i use hashcat or you guys suggest other tool?