Tip: if you get the message “The system cannot execute the specified program.” each time you try to get a rev shell… you have to take the right version of nc64.exe (and think to try all the options of the script found). I lost a lot of time because of this…
A weird box… I tried using an exploit which requires an open port 135(failed), bruteforcing the authorization(failed) and connecting to the SMB anonymously(failed). I read about the R****e20 vulnerability, but as far as I look, there’s no code for it. Any nudges would be welcome.
A weird box… I tried using an exploit which requires an open port 135(failed), bruteforcing the authorization(failed) and connecting to the SMB anonymously(failed). I read about the R****e20 vulnerability, but as far as I look, there’s no code for it. Any nudges would be welcome.
you won’t get in directly through a port, you need to figure out what the machine is and what exploit you can use.
So I think I’ve found the relevant exploit, but when I run it at the moment I’m getting that it’s timed out. Is it likely someone has broken the box and I need to reset? I don’t want to just go round resetting all the time.
Another interesting VM from @egre55 Thanks for your imagination and work
Initial Foothold
Credentials are not always necessary... Try to identify the right OS version.
After, Google can help you to find your new friend and don't be afraid by him... (some are nice, like Rémy, a great Chef)
And wait: have you looked everywhere enough? sure?...
User & Root
You got finally another reverse shell, well.
Now, try to find a way to read them... You have the power and the right users to do it.