Horribly lost here. I’m stuck on priv esc, tried everything I could find here and on google. Been at this for hours, brain is fried. Can someone give me a nudge in PM please? That way I have fresh ideas to try tomorrow after work…
Is there anyone I could talk to about tips for this box? I feel like I am on the right track… but my research has lead me into what seems like a dead end…
Rooted !
Very realisitc box.
User was fairly easy - Root was quite a bit more complex but all the tools you require / hints are in this thread
@JunGLeJuiCe said:
I don’t want to give spoilers, but hopefully a nudge for anyone looking for Priv Esc. Went down the same route as most but saw the announcement about the patch for that vulnerability being deployed. Went back to basics, in the end, all I needed was on the Kali distro already, there are good examples. It’s all about Getting to the Principal of the matter
This hint, I finally get it. Stuck at work with no access to the labs but I’m itching to go try my new idea!
stuck on how to get root anybody can give me a hint how to use impacket…
I see there is a file share but I can only get into replication is this a rabbit hole or is this something to actually look at?
I need help I could decrypt the password but I cant use it anywhere…PM
UPDATE: user flag got it!!
I managed to connect to replication, but my connection gets really slow after I enter a couple commands. Anyone know why?
Wow, this machine is driving me nuts. I’m still unable to understand fully how to get root. Learning a ton, though.
UPDATE: Rooted. Fantastic and invaluable learning experience. All hints provided here are sufficient once you understand the process. Thank you @eks and @mrb3n!
Finally rooted this box, it was a great journey and i learnt a lot from this box.
Hint: keep it simple and explore all the tools kali has to enumerate and penetrate A**** D*******.
Meant to come back and say I finally got root on Monday! The hints here were subtle but after doing research on k****** I finally picked up on them. For the first time, I find myself doing even more research AFTER getting root, because I didn’t fully understand the importance of what I did. I will say this to people who are still stuck: YouTube is a surprisingly good source of information. There are lots of recorded talks and speeches from various security conferences that present information in a very easy to understand way. Sure beats the ■■■■ out of reading dry technical write-ups from Microsoft.
I’m available for PM if anyone wants little nudges.
Rooted. My suggestions:
- go deep in smb enumeration (there’s a world)
- impacket + k*******
- h*****t
PM for hints
SMB enumeration and knowing the principals i’ts the key in this box.
Rooted. Great box. Learned a lot in the process. Pushed me to research into a topic I wasn’t experienced with.
Learned heaps from this one. Both txts can be obtained without shells, required a bit of fiddling with existing tools and installing missing dependencies, but used some new tools I haven’t used before. PM if you need hints.
@meni0n said:
I don’t understand why my enum is not working. I talked to another person and their s**client was working fine but I keep getting connection reset all the time…
Try Linux file manager
Finally rooted. Learned a lot from this. Great box!
Finally Rooted! Good machine with some new tools and new concepts to grasps