Academy windows priv esc pillaging help please!

HTB Content Academy
1

Hey I’m stuck on this:
“Log in as Grace and find the cookies for the slacktestapp.com website. Use the cookie to log in into slacktestapp.com from a browser within the RDP session and submit the flag.”
The page says to use this command:

“python3 cookieextractor.py --dbpath “/home/plaintext/cookies.sqlite” --host slack --cookie d”
1st problem python is not installed on the machine… Am I supposed to install it?
2nd problem I can’t get the file onto my machine to run the script there…
I can’t set up shared folders or a http server cause access denied… I have no idea how to set up file transfer on remmina, xfreerdp, and rdesktop even after following guides.

2

You have to tranfer the cookie to your attacker machine! You can use a copy past method with xfreerdp or you setup an smb file share

3

For anyone that’s struggling like i did, here’s what i did

  1. I tried sharpchrome, which failed.
  2. After a little bit of manual searching in %localappdata% i found out that There are no cookies stored in chrome, same for MSEdge.
  3. So I took the last browser installed on the machine, and downloaded it’s cookies.sqlite file to my machine using “uploadserver” - from PyPi
  4. Open it in sqlite3

  5. .tables then select * from tablename;