tang0

About

Username
tang0
Joined
Visits
627
Last Active
Roles
Member

Comments

  • Type your comment> @hackbarx said: (Quote) I have fixed the client. Do i need admin role to get the server code?
    in Fatty Comment by tang0 February 10
  • I'm using off-the-shelf code to get root. It requires me to make a dns query, which i do using nslookup but nothing happens (the code is not executed upon the query). I have uploaded everything to the target. Any hints? I can elaborate further in P…
    in Resolute Comment by tang0 December 2019
  • I have a bunch of usernames but most options require passwords. The only option from I****ct without password returns nothing. Also is 445 a rabbithole for user?
    in Resolute Comment by tang0 December 2019
  • I am also facing the same issue. I waited 3 days after owning a box but no change in ownership. Rooted another one just now, still the same ownership. Any ideas what's happening?
  • Type your comment> @tang0 said: (Quote) Thanks guys for the help. Got user. I was trying the wrong password. Now onto root.
    in Control Comment by tang0 November 2019
  • I have the foothold but i can't escalate to user. I have 2 passwords. Using powershell to escalate to elevated reverse shell, the same way worked for sniper, i have tried variations also but no use. I get following error. Connecting to remote serve…
    in Control Comment by tang0 November 2019
  • Please STOP changing the config dir, the default is fine.
    in Postman Comment by tang0 November 2019
  • I have the vector for root, but all the payloads i have tried don't work. Would someone please PM with a nudge? I can share what i have tried so far.
    in Sniper Comment by tang0 October 2019
  • I found search engine like functionality, not sure if it's a rabbithole, It does point to a new technology.
    in Mango Comment by tang0 October 2019
  • I have been stuck on root for way too long. I have the output from dog and i can see some kind of path. But the recommended exploitation paths don't work on target. Can anyone please PM with some hints? very new to AD.
    in Forest Comment by tang0 October 2019
  • Type your comment> @suls said: (Quote) I think it does. I can execute meterpreter payload to get a meterpreter session. But the same prompt doesn't return anything when i execute the sharp dog.
    in Forest Comment by tang0 October 2019
  • Found some SSL certs, but still missing the 'k*y' to get ahead.
    in Registry Comment by tang0 October 2019
  • Type your comment> @bipolarmorgan said: (Quote) I tries both PS and regular cmd but dog doesn't give me anything. No zip or json file is created. I got the pre-compiled dog from the hub. What am i missing?
    in Forest Comment by tang0 October 2019
  • Type your comment> @shah316 said: (Quote) Google: nishang powershell reverseshell ippsec
    in Bankrobber Comment by tang0 October 2019
  • I am onto root, I can see the odd process, but i can't execute it, download it or dump it. Is there some other way to interact with it, that i'm missing? Edit: Found what to do with it (thanks to @keyos1 ), but i can't forward anything to me, as so…
    in Bankrobber Comment by tang0 October 2019
  • Type your comment> @HAL9000B said: (Quote) I tried the priv esc via database but stuck at copying the shared lib in the right dir. Got errors. I am not sure why? i wrote to @askar to ask about it. Waiting to hear back. However, i haven't found …
    in Wall Comment by tang0 September 2019
  • I understand how the exploit works. But while adding the server manually, i get 403 forbidden. Is it supposed to work like that? i believe this is why my exploit is not working either.
    in Wall Comment by tang0 September 2019
  • I can join too: Discord: tang0#7178
  • Type your comment> @clubby789 said: (Quote) Oops, my bad. I guess i'll have to wait then. Thanks for the prompt reply.
    in Wall Comment by tang0 September 2019
  • Is it just me, or the machine is inaccessible on EU servers?
    in Wall Comment by tang0 September 2019
  • First question, what kind of enumeration one needs to perform to get to blog? Second: I know the basic idea for initial foothold, so should i manipulate the strings inside msf rev shell to bypass y*** r****? Is this the right direction?
    in RE Comment by tang0 September 2019
  • Finally rooted. Turns out i wasn't using sudo with the correct script xD; Some takeaways: -Do use sudo -Use absolute path -You don't need another reverse shell -Try replicating the $y=$x scenario in your shell. PM for help. Big thanks to @cyberpat…
  • Ok, this box is weird. I have the new username and all passwords. According to one of the aux scanners, one login combination works fine but it fails while using any winrm shells. Am i missing something obvious here?
    in Heist Comment by tang0 August 2019
  • How many passwords are we expected to crack? I cracked one and got user but can't find binary.
    in Ellingson Comment by tang0 August 2019
  • I have exploit working on local machine. I believe the issue with remote exploit is the fixed offset to string b****h. But i am stuck as to how to retrieve the correct offset, specially when the application does not send errors over the socket. Any…
    in Safe Comment by tang0 July 2019
  • Rooted. PM if you need help, online for a few hours.
    in Luke Comment by tang0 July 2019
  • Finally got the certificate issue resolved, now on to user. PM if you are stuck at certificates.
    in LaCasaDePapel Comment by tang0 July 2019
  • I have been trying to crack the password for b****.**g but hashcat shows no progress. It stays stuck at 0% forever. I have even tried to generate a subset of relevant words as suggested by @MinatoTW. But hashcat is not trying any of them. I am using…
    in Arkham Comment by tang0 July 2019
Avatar

Howdy, Stranger!

Click here to create an account.