An0maly

About

Username
An0maly
Joined
Visits
309
Last Active
Roles
Member

Comments

  • That hurt ... a lot ! Took a week to pop this one including debugging / building the tools needed , actually got up and did a 1 minute root dance once I got system , also got my first badge ! I Learnt a lot doing this box including things I didn'…
    in Sizzle Comment by An0maly May 2019
  • For anyone else facing the same problem I had , turns out you have to try many different webshells till one works , could be limitation on the ASP version on the box itself. Thanks to @r0t13weiler and @tabacci for helping me troubleshoot it and fin…
    in Conceal Comment by An0maly April 2019
  • Had the tunnel up and running months ago but couldn't get webshell , keep coming back to this machine but can't seem to do anything with IIS. Would really appreciate if someone could give me a nudge in the right direction on what I'm doing wrong.
    in Conceal Comment by An0maly April 2019
  • Left this box months ago and came back still stuck at the same point , tcpdump doesn't come up with anything wile listening on either ens33 or lo , only time anything ever comes up I do an ldapsearch that doesn't contain any bind info
  • Spoiler Removed
    in Conceal Comment by An0maly January 2019
  • To be honest , I'm mainly here for the learning experience and look for real life world challenges. I find that boxes that try to be entertaining and be more of a puzzle / Easter egg hunt frustrate me . I appreciate the creator's efforts but just pu…
    in Chaos Comment by An0maly December 2018
  • (Quote) I think I found the 'way' to locate it , still no creds though ...
    in Chaos Comment by An0maly December 2018
  • (Quote) one of the first things I found , It's right there where it should be , you probably missed it going over your initial enumeration . No idea where you found creds though , that eludes me ..
    in Chaos Comment by An0maly December 2018
  • I think one of the biggest challenges with this box is actually understanding what you need to do and having a game plan. This is one you can't just bash out with google without understanding what you are doing. I've had people reach out to me wit…
    in Carrier Comment by An0maly December 2018
  • Can anyone give a nudge on the elusive cookie monster ?
    in Dab Comment by An0maly December 2018
  • Doubt it's cracking , first blood was to quick and it's salted . Have a GPU crack session running anyway but it's been an hour and still nothing
  • Nice box , spent all day struggling with user just to find out that I was using the wrong method to pass credentials I found in LDAP. Once I got a session on the box , got root in 10 minutes of enumeration BUT not through the same path as per the co…
    in Ypuffy Comment by An0maly December 2018
  • (Quote) I think I have several things to try ONCE I get creds , that's what I'm having trouble with , can't seem to extract any ...
    in Teacher Comment by An0maly December 2018
  • Got Root , twice actually because my VM crashed as I was pasting to claim owning system. Thanks to @s4m3sh for confirming my suspicion , I still did it subtly though :wink: The box is not hard , doesn't need a network expert but does require some u…
    in Carrier Comment by An0maly November 2018
  • (Quote) Thats why you need to laern more about N**** :wink:
    in Vault Comment by An0maly November 2018
  • (Quote) VIP or free ? Wondering if it was me coz I remember resetting the box when I was done .
    in Vault Comment by An0maly November 2018
  • You need N*** because , if you don't know where you are going , how are you going to get there ? Suggest you look up the different applications for N*** and different types of ways it can look for what you need given your current topology
    in Vault Comment by An0maly November 2018
  • I got RCE and spent the past 24 hrs hammering away at this with all my network-fu , I thought I had the plumbing all sorted out but I'm starting to think that is not the way to go on this . I'm trying not to be disruptive so have been very subtle w…
    in Carrier Comment by An0maly November 2018
  • Rooted , /tiphat @Skunkfoot for the nudge
    in Vault Comment by An0maly November 2018
  • Is Vault meant to be unreachable ? I've managed to determine 2 open ports on it but can't 'initiate' a connection to them
    in Vault Comment by An0maly November 2018
  • (Quote) I personally avoid using MSF if I can , looked up the CVE and did it manually as per an article that explained how its done. Ran it a few times actually and worked every time , I'm on VIP so maybe its a bit more stable there
    in Irked Comment by An0maly November 2018
  • (Quote) I used an Enumeration script and went through everything it listed , then I went on to a bunch of similar articles that led me to a " one liner " that suggested a few options , something stuck out , poked and prodded at it , it wor…
    in Irked Comment by An0maly November 2018
  • (Quote) Read up on the command and different options under it , once you find out what the syntax is then try it out on a windows machine you have access to till you figure out how it should look like to accomplish what you need it to do. Once it wo…
    in Access Comment by An0maly November 2018
  • (Quote) You need to go through every folder in the shares till you find it , it's there .
  • Been going at this box for 24 hrs now , I've "vaulted" over the first hurdle , broke out of Jail and "tunneled" my way to the host on the other side. I've tried LFI / RFI and even considered "shocking" the other reacha…
    in Vault Comment by An0maly November 2018
Avatar

Howdy, Stranger!

Click here to create an account.