ohkay this is my first windows machine, and i have no clue whatsoever
so what should i study or where should i need to look for reverse shell here?!!
a little push needed guyzz
@in3vitab13 said:
ohkay this is my first windows machine, and i have no clue whatsoever
so what should i study or where should i need to look for reverse shell here?!!
a little push needed guyzz
I wouldnât think of this as a âwindowsâ machine. Your attack is based on the technology stack in use and the box name is a bit of a clue. Once you log in, look for ways you can use the technology to run commands on your behalf.
Type your comment> @TazWake said:
@in3vitab13 said:
ohkay this is my first windows machine, and i have no clue whatsoever
so what should i study or where should i need to look for reverse shell here?!!
a little push needed guyzzI wouldnât think of this as a âwindowsâ machine. Your attack is based on the technology stack in use and the box name is a bit of a clue. Once you log in, look for ways you can use the technology to run commands on your behalf.
ohkay m on it!!
need a little research from my sideâŚwill do it!1
Type your comment> @ins3cure said:
I would really like to kill the r******r before he kills me
Uf⌠finally got the user!
Edit again: rooted! A bit frustrating because of poor performance. But an enjoyable machine overall, and quite realistic.
No joke on the r******r bit! Looking for any nudge in how to get around that particular hurdle. I am able to do just about everything else I need to get this thing knocked out.
Type your comment> @beehammer said:
Type your comment> @ins3cure said:
(Quote)
No joke on the r******r bit! Looking for any nudge in how to get around that particular hurdle. I am able to do just about everything else I need to get this thing knocked out.
The r******r bit is just a necessary step to do machine cleanup. You have quite a big window to do your stuff before it kicks in. Time it well and you shall succeed
Type your comment> @ekenas said:
Type your comment> @beehammer said:
Type your comment> @ins3cure said:
(Quote)
No joke on the r******r bit! Looking for any nudge in how to get around that particular hurdle. I am able to do just about everything else I need to get this thing knocked out.The r******r bit is just a necessary step to do machine cleanup. You have quite a big window to do your stuff before it kicks in. Time it well and you shall succeed
I can imagine that but it seemed to be running every 30s or so. I would upload the thing and before I could navigate to it, R would have run and it would be cleared out.
The window is 10 minutes
Type your comment> @ekenas said:
The window is 10 minutes
Not sure what was going on but after somebody reset the machine, it acted normal and I was able to complete user and root flags last night. Fun box with some unexpected direction. I did not see s********n and A**** D****s coming in the same system!
how did you guyz mined other subdomains after loggin in?!
or is it guess work/??
there anybody else who faced the work-item issue?
Type your comment> @in3vitab13 said:
how did you guyz mined other subdomains after loggin in?!
or is it guess work/??
Enumeration and reading some s*n repos which will give you a hint.
Does an error occour during the ppeines process in that certain domain for everyone or is it just me�
Type your comment> @sparkla said:
Az*** CD/CI is broken beyond repair. Someone helped me how to do it, I tried for an hour again and again, I canât merge and the plattform got more weird with each try. Has this been coded by Microsoft or what?
SCNR
That probably explains the issues Iâm having too! Thanks for the unintentional clarification!
Edit: lol, figured it out.
The reason the merging is setup this way becomes quite clear if you are a big team of developers and you need to keep the master branch in a functional state and ensure proper tracking of what work has been done. Typically someone higher up the chain is approving your PR:s and if your job is not properly done he/she will reject it.
It was an amazing box, Learnt something new. User and Root both were great.
Initial Foothold:The server still has that thing that you think is not there. Find a way to get that.
User:It is same as Git Hub but only now it is uploading exactly where you need it to
Root:Start from the beginning and take the pipes with you
PM if you need help
Thanks @ekenas for such an amazing box
and resetting doesnt solve â â â â !
Type your comment> @in3vitab13 said:
@ekenas the machine is not functional for most of the time.
running out of patience .
Hi @in3vitab13 can you PM me with info and Iâll try to see if I can help out. I see a lot of people rooting Worker now so was under the consumption it was running nicely.
Type your comment> @blacViking said:
It was an amazing box, Learnt something new. User and Root both were great.
Initial Foothold:The server still has that thing that you think is not there. Find a way to get that.
User:It is same as Git Hub but only now it is uploading exactly where you need it to
Root:Start from the beginning and take the pipes with youPM if you need help
Thanks @ekenas for such an amazing box
Thanx for the feedback and glad you liked it. Realism and no-guessing was an important part when designing this machine.