Official Reel2 Discussion

@Shad0wQu35t said:

Hi guys, can I PM anyone for sanity check… I think I am lacking a specific user… I hv got bunch of usernames and generated passwords …can help identify what I am missing.

The structure of the names and passwords matters.

Its also worth using a tool designed for the thing you are targeting.

OK so far I’ve tried not to follow the various hints that are currently being given but to
try first what i think might be the ‘reasonable’ exploit (line 26 in that same file that
the error is given us plus the “cleaning” method on the same file).

In addition, I’ve tried sending, just like @TazWake mentioned, a url with the phrases/words i do believe are relevant for all users (brrrrrrrrrrrrrr).

Other than then, I’m currently trying to see other path.

Does the 1st vector i’ve mentioned is the way here ? or the “spraying” ?

Lttle by little… after a whole week… user and then root
Thank you for the ride @cube0x0, I learnt a lot (again) :wink:
Pm me if needed !

got user. took probably longer than it should have. spent more time social networking than i probably should have. tried to do some enumeration for privesc but a break is much needed. I assume it’s something with the files of the current user.

@HcKy said:

got user. took probably longer than it should have. spent more time social networking than i probably should have. tried to do some enumeration for privesc but a break is much needed. I assume it’s something with the files of the current user.

Enumeration is the key. Finding files used to record information is helpful. Also getting a good idea as to why the command options are so limited opens the door to work out an attack. (This seems vague but it is hard to explain without explaining, when you get root you will understand)

i have valid creds on a service but struggling to use them. Someone want to give me a sanity check? My normal go-to is not working…

Shout out to @acidbat for getting me back on track!!

Type your comment> @rootshooter said:

Shout out to @acidbat for getting me back on track!!

No worries mate :slight_smile: -

Managed to get the user h**h using r******r … accessed the box remotely using pwsh … but got stuck with JA :smirk: tried many ways to breakout but nothing seems to work… a nudge towards right direction will really be appreciated.

Thnx

@sicario1337 said:

Managed to get the user h**h using r******r … accessed the box remotely using pwsh … but got stuck with JA :smirk: tried many ways to breakout but nothing seems to work… a nudge towards right direction will really be appreciated.

Abuse the service you are stuck with. Look at how it is configured, this will give some good ideas on what you can do to make it work for you.

@TazWake said:
@sicario1337 said:

Managed to get the user h**h using r******r … accessed the box remotely using pwsh … but got stuck with JA :smirk: tried many ways to breakout but nothing seems to work… a nudge towards right direction will really be appreciated.

Abuse the service you are stuck with. Look at how it is configured, this will give some good ideas on what you can do to make it work for you.

Thanks for the response… mmh… didn’t look at it in that perspective, all this time I’ve been trying to break out of it… any link you can share that I can have a look at? Please DM if you have one or share it here if that’s not considered as a spoiler so that it can help anyone else in the same boat as me :smile:

@sicario1337 said:

Thanks for the response… mmh… didn’t look at it in that perspective, all this time I’ve been trying to break out of it… any link you can share that I can have a look at? Please DM if you have one or share it here if that’s not considered as a spoiler so that it can help anyone else in the same boat as me :smile:

I cant really think of anything specific - the Microsoft documentation on this is quite useful though.

@TazWake Much appreciated with the guidance and knowledge shared…
Learnt something that never knew existed

Got user and now off to root :wink:

Anyone willing to sanity check my list of names? I somehow can’t get any connections from the machine, after messaging “everyone”?

@HomeSen said:

Anyone willing to sanity check my list of names? I somehow can’t get any connections from the machine, after messaging “everyone”?

Feel free to DM me! This can be a frustrating box because it seems to quite often fall over.

After finally reaching out, and even get a response via PM, it all of a sudden decided to ping back :confused:
Thank you @acidbat and @TazWake for offering to help. It’s, as always, much appreciated :slight_smile:

@HomeSen said:

After finally reaching out, and even get a response via PM, it all of a sudden decided to ping back :confused:
Thank you @acidbat and @TazWake for offering to help. It’s, as always, much appreciated :slight_smile:

Nice one - the box is a touch unstable to say the least.

Type your comment> @HomeSen said:

After finally reaching out, and even get a response via PM, it all of a sudden decided to ping back :confused:
Thank you @acidbat and @TazWake for offering to help. It’s, as always, much appreciated :slight_smile:

Anytime mate :slight_smile:

Anyone can give me a little bit of nudge? I think I’m on a right path I just need to have the right file for me to get in.

Type your comment> @device said:

Anyone can give me a little bit of nudge? I think I’m on a right path I just need to have the right file for me to get in.

Send me a message :slight_smile: