Official Intelligence Discussion

Faaaaaainallllly ffs :smiley: lol great box

Got user… Thanks goes to @PrivacyMonk3y

Finally rooted!
I really rooted this machine, and also learned a couple of things I’ve never encountered before.

You can PM me if you need any nudges.

Finally rooted!! This one was actually hard for me since I am an absolute beginner when it comes to Active Directory. User was way easier than root

User:
Web server gives all you need, even it’s an AD box.
Don’t be lazy. check all you get, not only outside, inside too.

Root:
Read the script, act accordingly and wait until the “RESPOND” comes.
Accounts are not safe and the “packet” can help you.

Hope these will help you a bit. If you get stuck, you are always welcome to DM.

I’m also having trouble with this box. I’ve extracted a couple of users, but I’m missing the password. Can someone give me a nudge?

*** Nevermind ***
My script was bad, and I should feel bad :tired_face:

User: Look all things and fuzzy hard.

Root: Do simple, it’s not hard.
If someone need help send me DM.

Either I did the “wrong” path to root or I think the path to root was quite hard :wink:

Hi im rather new to AD and LDAP; im a little unsure of where to start, what to do, or how to even google search some stuff haha. I was wondering if it was ok, if i could get a point in the right direction. Thank you.

Root definitely took me for a ride. I’d just say be prepared to do some scripting to make your life easier.

Feel free to DM for nudges.

Type your comment> @a74881 said:

Hi im rather new to AD and LDAP; im a little unsure of where to start, what to do, or how to even google search some stuff haha. I was wondering if it was ok, if i could get a point in the right direction. Thank you.

For user you don’t need any AD knowledge. Basic enum should get you to the correct path

1 Like

Rooted

Really a great machine, enjoyed every step !

Enumeration is the key !

So I’ve got the user flag but cannot pop a shell? Have tried several things and vectors.

What am I missing?

TIA

Rooted! For user make sure you get everything and inspect all the details - scripting helps. Root was wild, pay attention to what the automated task is doing and see if you can spoof something with your toolkit.

Rooted! For user: This is not an AD, this is web.
Root : dig in AD

Hmm, so I got a user and a password after a lot of web enumeration.
The 2 combined does not stick to anything at the moment …
Obviously I am missing something …

Type your comment> @acidbat said:

Hmm, so I got a user and a password after a lot of web enumeration.
The 2 combined does not stick to anything at the moment …
Obviously I am missing something …

There’s more enumeration you can do. Delve deep into any files you can download!

Fun box painful if you (like me) use wrong version of a tool but fun. Thanks ARZ101 for help on the last part!

Type your comment

Fun and challenging box.
Thank you @Micah for creating this challenge for us.

Sooo Ive been at it for days.
I’ve got user and the hash/password for the owner of the script. But can’t for the live of me get a shell on the box. Can someone drop a hint? I tried all the packts I can think of.