@h4ckd0tm3
no you need to do a lot of user to user you missed the beauty of it
go back and redo : )
Type your comment> @MariaB said:
@h4ckd0tm3
no you need to do a lot of user to user you missed the beauty of it
go back and redo : )
Already at it again ^^
Got 3 passwords and user.txt. It’s time for root.txt.
Edit:
Got root.txt, thanks for the box 
Nice box. I liked it and it is a perfect medium box. Not too easy and not too hard. Good work.
I fucking hate windows and this machine is pissing me off.
Whyyyy can i not ‘get’ the file i need when others are clearly having no problems.
A file i used ‘get’ yesterday worked perfectly fine but today decides to throw up an error!?
I’ve switched servers and no change.
Ok. Did the box the intended way now 
Now the box is really nice. It’s straight forward but interesting journey, especially when you are new to Windows Active Directory. Props to the maker!
@h4ckd0tm3 said:
Ok. Did the box the intended way now
Now the box is really nice. It’s straight forward but interesting journey, especially when you are new to Windows Active Directory. Props to the maker!
Could you pm me with what you did before to do it in an unintended way? Wondering if this is something that needs to be patched or if someone just restored something that was not meant to be restored
Hi there, I could use a push on finding passwords. I found a working one so far. I am using it to enumerate further, but I can’t find anything relevant. Could some kind soul enlighten me? I’ll explain what I tried so far.
Thanks!
Hi Everyone,
I’ve been practicing ls*h foo for two days. Cant find a right flag to get anything related to those unattainable creds. Anybody share with me this spherical knowledge, please?
Can’t wait to try your box out VBScrub! Your youtube content as well as boxes are great!
Spoiler Removed
@COSMICTHRILL why cheking that because you saw hints : ( no no …
Like i said enumeration is key if you had paid attention you would have spotted a .log and there you would have seen that this user is related to this ,and even doing net user xxxx gives you this 
…
@magomed said:
Can’t wait to try your box out VBScrub! Your youtube content as well as boxes are great!
Cheers, hope you enjoy it
well… windows is doing its purpose again… pissing me off. can someone pm me? am at the initial enum stage and i just have a bunch of users with no access to shares using em with null sess.
Type your comment> @Alpha19 said:
well… windows is doing its purpose again… pissing me off. can someone pm me? am at the initial enum stage and i just have a bunch of users with no access to shares using em with null sess.
If you’re entering a user name to connect to SMB it’s not a null session. So you either need to enter no user at all (null session) or you need to know the correct password.
Feel free to pm me for a hint.
Type your comment> @Ric0 said:
Hi Everyone,
I’ve been practicing ls*h foo for two days. Cant find a right flag to get anything related to those unattainable creds. Anybody share with me this spherical knowledge, please?
NVM - a school mistake. grep -i instead of grep solved the problem.
Rooted!
Excellent box, thanks to the author.
I just didn’t liked the very first step in finding first user password, I’m a lazy guy when it comes to CTF’s/Training boxes, and that was much info to lookup… ^^
Next steps are quite straightforward.
Finally rooted. Many thanks to @VbScrub - I would say this is on par with your first box.
It was a tough box. I am quite new to RE which held me up for a day or so.
I do think root was easier then the user/foothold - a ton of enumeration is needed, and I spent way too much time looking for root in the wrong place.
My tip for root: look for something interesting when you first login and google it.
Finally rooted. Thanks @VbScrub - This is a box that will create this love and hate relationship
The initial foothold was the biggest blocker for me. After clearing the blocker, it is one straight path to root 