Official Omni Discussion

This is a great box IMO. What I really liked about it was multiple times you have to combine enumeration output from tool or command, use the information with another resource at your disposal. The encrypted flag is perhaps the best. It is not enough to get system shell. You have to extract loot and dig deeper. Thank you @egre55. BTW I could not remember if I had properly respected you and was quite surprised to see you can “disrespect” someone you previously respected! Crazy man.

@TazWake Again Thank you.
After throwing my initial fit above, I received a bit of help.
Foothold- Once you find what your looking for, just get the syntax right.
User/root - I made a mistake in enumeration, I was looking for files, but not the right ones. Kicking myself, googling windows privesc enumeration would have revealed a few thing for sure. Afterthat, understand the object you are trying to read. root wasn’t really any different than user.

Spoiler Removed

the only reason I got the creds it’s because I CDed everywhere after hours. I really suck at win enum, I don’t know where to look for anything and I have to google every powershell thing I’m trying to do. I guess ‘use the force’ is the most important tip I can leave here, the rest was done by google and again, CDing around like a mad man.

Can upload nc but got ‘not recognized’ error when trying to execute it. is this my nc or what?

@gasfad01 said:

Can upload nc but got ‘not recognized’ error when trying to execute it. is this my nc or what?

It depends on how you uploaded it and what is generating the “not recognized” message.

For example, if you are using powershell, “not recognized” normally means you’ve used a command alias it doesn’t know. Other tools will have different meanings.

For those stuck with kali 2020.3 that do not have pip2 installed, you can install it with it with the script below, then add the binary to your path:
https://bootstrap.pypa.io/get-pip.py

Hi i found an exploit for this box, anyone can assist?

rooted, fun box.
feel free to write me if you need help

has anyone got a working version of the script that will work with python3 pls?

Type your comment> @tyronew said:

has anyone got a working version of the script that will work with python3 pls?

you can try this
2to3-2.7 -w yourpython2script.py

Using 2to3 won’t work. For me, it was easier to get it running on Parrot. The box isn’t hard, but wheeze managing python versions can be a burden.

Hi , did someone reach to connect to this box with winRm? Even with users add in Remote Group still have errors “WinRM::WinRMHTTPTransportError”

@roumy said:

Hi , did someone reach to connect to this box with winRm?

I didn’t.

You don’t need it though.

i spend 2 hours try to connect as different users,
Start Proces raise me error " he parameter ‘-Credential’ is not supported for the cmdlet"
Invoke-Command do the same.
Even with user, password and a root access i cannot get a flag, this box drive me crazy.

@roumy said:

i spend 2 hours try to connect as different users,
Start Proces raise me error " he parameter ‘-Credential’ is not supported for the cmdlet"
Invoke-Command do the same.
Even with user, password and a root access i cannot get a flag, this box drive me crazy.

If you have the correct password, have you tried logging into the web portal?

i just did , reach to do command once,
now the page looks screwed up.
I think i should go to bed and have a better look tomorrow , doing ■■■■ tonight
[Edited]
Gosh finally reached, but i still wonder why winRm does not work…

I’m really struggling to get the foothold on this one. Could anyone send me a dm or give me a nudge? I found the correct script, but for some reason when I try to insert the payload I get some syntax errors. I tried to execute the scripts locally and didn’t have any problems with them. It’s getting quite frustrating.

Rooted. Easy box. If you need some help, DM me.

@silentdanni said:

I’m really struggling to get the foothold on this one. Could anyone send me a dm or give me a nudge? I found the correct script, but for some reason when I try to insert the payload I get some syntax errors.

It depends what the syntax errors are really. They should give you an idea of what the problem is.

I tried to execute the scripts locally and didn’t have any problems with them. It’s getting quite frustrating.

Local execution is probably not going through the exploit unless you are running the same platform on your local machine.