I wasn't able to crack it in VM, I ran it on my gaming box with a 1080ti and had it in seconds.
Also this thread is loaded with spoilers now, this a good box to learn and discover on and has the added bonus of being something you would likely fin…
From hints and playing with sqlmap I managed to get root but not user, I've given up on odat for now since I can't get all of it's modules working.
I think odat with the lowercase issue and now every module reading KO on test has sucked up more of …
> @Moliata said:
> I spent hours and my brain is washed. I was just trying my first box. Is it related to SMB? Thanks.
This is not a good first box unless you already know AD, and have experience in mixed AD-Linux environments.
If you found the credentials but don't know where to use them, maybe sit down and think what you'd do if you were a legit user on a Linux workstation in an AD environment and were trying to access shared resources.
@eransh10 I won't link it the thread since it basically is a spoiler. But the solution to getting a reverse shell is easily found if you look at what is running and search for common exploit methods to be used against it.
Watch ippsec's videos he uses it extensively since web servers are pretty big attack surfaces.
There is an article that basically gives this machine to you if you can understand what it is running and what it is doing.
Privesc at least how I did w…
If you REALLY think you have the credentials try a reset.
I went back over my notes and I noted I'd already tried the correct credentials but they had triggered a blacklist notification, I reset and re-hit my notes and one of my first attempts let …