So … I’ve seen some advice about breaking up port scans on this box into smaller batches, something like -p 1-10000, rather than all of the ports at once.
Check out the horrific performance I’m getting from the following command:
nmap -sS -sU -p 1-10000 10.10.10.74
Stats: 8:40:22 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
SYN Stealth Scan Timing: About 17.18% done; ETC: 02:01 (41:48:13 remaining)
If I attempt to speed it up with the -T4/5 options, I get a very unreliable scan, and so far, I see no open ports from either approach.
Has anyone else had such poor performance scanning over the VPN, and would upgrading to a VIP account perhaps fix this?
Is priv esc broke or did I piggy back? I got the user by spamming that exploit and basically did not have to do any exploit to get root flag. Curious if I piggy backed as I had reset the box a half hour before.
@3lpsy said:
Is priv esc broke or did I piggy back? I got the user by spamming that exploit and basically did not have to do any exploit to get root flag. Curious if I piggy backed as I had reset the box a half hour before.
this machine doesn’t even deserve to be on this platform… verified my exploit with a guru and been using it for over a day but can’t even spawn a shell with it because the service dies instantly… what could a person learn from it… so disappointed with hackthebox
I set up VM test environment which is the same like this vbox. In my environment I can easily exploit vuln app but not at all on chatterbox machine… Any idea what I can do? I already reset vbox and tried on fresh VM but that doesnt help…
@blackangel said:
I set up VM test environment which is the same like this vbox. In my environment I can easily exploit vuln app but not at all on chatterbox machine… Any idea what I can do? I already reset vbox and tried on fresh VM but that doesnt help…
Very unstable VM… One second working fine and next time you need 3 resets that you can establish reverse shell again. Be patient with that vm
I got the root.txt using the suggested tool of cacls before… Im not sure I understood why it worked though, can someone send a link or explain why/how this works?
@axel205 said:
I got the root.txt using the suggested tool of cacls before… Im not sure I understood why it worked though, can someone send a link or explain why/how this works?
With icalcs, you can grant a certain user the permissions to a certain folder and its underlying files. The user was already elevated, just the permissions were not yet properly configured.
hi anybody can tell me about priv escalation for “chatter box”. i also have read comments that there is no need of priv escalation and just see in folder where your shell let you landed. but i have search folder nothing specious found ?