@Reddsec said:
I am sure no one is working this box any longer
The box is only a month old, I bet lots of people are still working on it.
- but if you are, I am losing my wits reading all the docs on importing, exporting, pscreds, and so on.
Ok - at the risk of sounding like I am joking, if it is driving you insane, it is probably the wrong path.
I have seen hints that you don’t actually need to change users,
Based on how I approached this box, this hint is drastically incorrect.
that there is a certain hidden file and its not i**-blahblah.xml, enum enum enum, I have enumed manually, looking through lots and lots of folders, I have used Get-ChildItem and still gotten nowhere…
The bad news is this is still the best advice anyone can give on the forum without it being a spoiler. You may need to make a more specific question as a direct message.
I am sure that I have read the answer and just don’t understand it, but at the this point I am going in circles. the shell was not that hard, so what am I not looking at? If anyone is still giving hints, please hit me up
The shell not being difficult is a bit misleading. It depends how you got it and which account you have it as. There are probably at least three shells you will need to get.
If you’ve got the shell via the initial exploit, you are in the wrong user account and you absolutely need to find something which lets you go in via the site. If this is the bit you are missing, I strongly recommend you look at possible automation or “job”-related files.