Official Fuse Discussion

Hi, I got shell and user but I have something weird I don’t fully understand.
When I play with a box I usually add it to my hosts file like 10.10.10.193 fuse fuse.htb .

Not sur if it is a good practice or not. during the enumeration I used some credentials to enumerate more to find user password. the command used to find it ens (via r) failed when I used fuse.htb and worked fine with IP. The error was WERR_INVALID_NAME.

I hope it isn’t and spoiler. Apologies if it is.

@Darvidor said:

Hi, I got shell and user but I have something weird I don’t fully understand.
When I play with a box I usually add it to my hosts file like 10.10.10.193 fuse fuse.htb .

Not sur if it is a good practice or not.

There is nothing wrong with it. Just remember you might not be using the same hostname as the box creator, so always be flexible enough to try different things.

during the enumeration I used some credentials to enumerate more to find user password. the command used to find it ens (via r) failed when I used fuse.htb and worked fine with IP. The error was WERR_INVALID_NAME.

This is possibly down to the technology stack involved.

Other people have discovered the issue: Official Fuse Discussion - #180 by danielcues - Machines - Hack The Box :: Forums

Someone with a better understanding of the stack might have a good answer, but in my experience, it is simply that some tools work better with an IP address, some with a hostname and sometimes you need to find out what the hostname is for that tool.

In this case, IP works.

Hi, I’ve made it with get two creds that actually works. I have now the problem that I can see the shares but no perms to execute stuff with ps/smbexec (I guess the users aren’t admins).
any idea?

@darkrolex said:

Hi, I’ve made it with get two creds that actually works. I have now the problem that I can see the shares but no perms to execute stuff with ps/smbexec (I guess the users aren’t admins).
any idea?

Use a different tool - you aren’t finished with the enumeration yet, dont rush to being able to execute.

If you keep looking, possibly using a client dedicated to making procedure calls over a remote connection, you can get more information and a better foothold.

Type your comment> @algernope said:

Also, Azure (at least had) a generous trial offer going…
https://azure.microsoft.com/en-us/free

Using Visual Studio on an Azure Virtual Machine | Microsoft Learn

Probably a way to get it done for free in there somewhere.

A good call for those on the edge in terms of disk space.

Compiling went like clockwork :slight_smile:

Finally rooted. Not easy for me. But with a little research, help and patience it is done. I learn a few interesting stuff. Thanks.

Type your comment> @Darvidor said:

Finally rooted. Not easy for me. But with a little research, help and patience it is done. I learn a few interesting stuff. Thanks.

will you help me out I swear I have the pass to get into shell but it keeps saying login failed anyway

Type your comment> @TazWake said:

@darkrolex said:

Hi, I’ve made it with get two creds that actually works. I have now the problem that I can see the shares but no perms to execute stuff with ps/smbexec (I guess the users aren’t admins).
any idea?

Use a different tool - you aren’t finished with the enumeration yet, dont rush to being able to execute.

If you keep looking, possibly using a client dedicated to making procedure calls over a remote connection, you can get more information and a better foothold.

are you able to help me out I have gotten the fab********* password and every attempt at using win** fails says the password is incorrect

@MakeAWishKid said:

are you able to help me out I have gotten the fab********* password and every attempt at using win** fails says the password is incorrect

If you are super stuck, sometimes a PM is better as it can be less vague.

For example, I dont know what password you mean here. There isn’t one in my notes that resembles what you’ve put.

The first thing I’d suggest is double-check the thing you think is the password. Make sure you haven’t cut off the first or last characters. I think it should be 14 characters long.

First time asking for help…I have got the credentials from rp******* and trying to brute force via met******* but some reason it cannot find an account that it can login with. I might be looking in the wrong area but any hints would be much appreciated.

@snowball01 said:

First time asking for help…I have got the credentials from rp******* and trying to brute force via met******* but some reason it cannot find an account that it can login with. I might be looking in the wrong area but any hints would be much appreciated.

Not sure I understand the question properly. If you have the credentials from rp******, you can also get a list of account names.

One of them should allow login, but I’d be tempted to use cr********* to brute force it.

I got a user with the help of some brothers here, for root I enumerated with winpeas and found nothing, does anyone help me?

@mspc said:

I got a user with the help of some brothers here, for root I enumerated with winpeas and found nothing, does anyone help me?

Manual enumeration is a lot better. Have a look at what the user can do.

Unable to connect to S**** or R**** client, it ends with timeout but why?

Hello! Anyone around to give a nudge on priv esc? Having problems on the last step…

Type your comment

Got the creds for s** but now unable to change the password is there something special i need to do

Hey,
anyone got this error ?
machine xxx.xxx.xxx.xxx rejected the password change: Error was : The transport connection is now disconnected… with the tool smbpasswd ?
thanks

Hey!
Did you figure out how to resolve the error?

use impacket-smbpasswd command to change password