Active any hints

@stiqan said:
Keep getting KRB_AP_ERROR_SKEW ("CLOCK SKEW TOO GREAT") when running the “REQ” arg with I*****. How can I get past this, something with time or version or what’s up? :slight_smile: I know we changed to daylight savings time where I live, does that affect things? lol

I’m going to go out on a limb and guess you’re running your attacking OS in a VM. Check the date/time setting and the TZ setting in the virtualised system. VMs can often end up with bad time settings. As the system you’re trying to use relies on expiry times, it is quite sensitive to improper time settings.

@tty said:

@stiqan said:
Keep getting KRB_AP_ERROR_SKEW ("CLOCK SKEW TOO GREAT") when running the “REQ” arg with I*****. How can I get past this, something with time or version or what’s up? :slight_smile: I know we changed to daylight savings time where I live, does that affect things? lol

I’m going to go out on a limb and guess you’re running your attacking OS in a VM. Check the date/time setting and the TZ setting in the virtualised system. VMs can often end up with bad time settings. As the system you’re trying to use relies on expiry times, it is quite sensitive to improper time settings.

Thanks for the comment. Actually it’s a “dedicated box” with Kali. I’ve tried to check all the time settings, and done lots of manuals for changing it up, so frustrating :slight_smile: even trying to "net time set active.htb " and variations of that, won’t accept it though :frowning:

EDIT: Changed time back a few minutes and it worked. Time on server was 7 minutes behind. Tried syncing, but wouldn’t let me. A tool called rdate helped.
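
The clock-skew error above comes from Kerberos rejecting requests whose timestamps differ from the server's clock by more than its tolerance (300 seconds by default), so a 7-minute gap fails. As an added example, not part of any post in this thread, this measures the offset from an SNTP reply and checks it against that tolerance; the reply bytes and timestamps are constructed, and it assumes the server answers SNTP.

```python
import struct

NTP_EPOCH_DELTA = 2208988800   # seconds from 1900-01-01 (NTP) to 1970-01-01 (Unix)
KRB_MAX_SKEW = 300             # default Kerberos clock-skew tolerance, in seconds


def build_sample_reply(server_unix):
    """Constructed 48-byte SNTP server reply (not captured from a real host)."""
    header = bytes([0x24, 2, 0, 0]) + bytes(28)   # LI=0, VN=4, Mode=4 (server)
    ntp_secs = server_unix + NTP_EPOCH_DELTA
    # Receive and transmit timestamps: 32-bit seconds + 32-bit fraction each.
    return header + struct.pack("!IIII", ntp_secs, 0, ntp_secs, 0)


def parse_sntp_reply(packet):
    """Return (receive, transmit) server timestamps as Unix seconds."""
    if len(packet) < 48:
        raise ValueError("SNTP reply must be at least 48 bytes")
    if packet[0] & 0x07 != 4:
        raise ValueError("not a server-mode reply")
    rx_s, rx_f, tx_s, tx_f = struct.unpack("!IIII", packet[32:48])
    to_unix = lambda s, f: s - NTP_EPOCH_DELTA + f / 2**32
    return to_unix(rx_s, rx_f), to_unix(tx_s, tx_f)


def clock_offset(t1, packet, t4):
    """Server clock minus local clock; t1/t4 are local send/receive times."""
    t2, t3 = parse_sntp_reply(packet)
    return ((t2 - t1) + (t3 - t4)) / 2


def within_kerberos_skew(offset, max_skew=KRB_MAX_SKEW):
    """True when the offset is inside the Kerberos tolerance window."""
    return abs(offset) <= max_skew


if __name__ == "__main__":
    local = 1700000000                       # constructed local clock reading
    reply = build_sample_reply(local - 420)  # server 7 minutes behind
    off = clock_offset(local, reply, local)
    print(f"offset {off:+.0f}s, within tolerance: {within_kerberos_skew(off)}")
```

A negative offset means the server is behind the local clock, which is the situation described in the EDIT above.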

Hi Guys,

I reached the replication file. Downloaded the related **…xml file and decrypted the password.
Now, I can enumerate with these credentials via smbclient but still I can’t access except the Replication file.
I tried msfconsole and use psexec with those credentials but at that time I got Login error. What am I doing wrong?

My first rooted box. It cost me 2 days.

Finally root, had to fight a bit with the format of the hash, but got it in the end.

Anyone could give me (DM) a clue on privesc? Got user but I am now struggling with privesc. Thank you.

this box was legit! props to @eks & @mrb3n!

Hi all, so I cannot get JTR to work to crack the hashes - I’ve tried both the Kali default version and also installed the M*mrppr version. It recognises the hashes but doesn’t crack them using rockyou.txt. Any tips?

@poe said:
Hi all, so I cannot get JTR to work to crack the hashes - I’ve tried both the Kali default version and also installed the M*mrppr version. It recognises the hashes but doesn’t crack them using rockyou.txt. Any tips?

I personally used hashcat, but according to the previous replies here JTR (the community enhanced edition) should work. I******t should have a tool that helps with that. There is a commandline flag to directly export a usable hash for said cracking tools.

@poe said:
Hi all, so I cannot get JTR to work to crack the hashes - I’ve tried both the Kali default version and also installed the M*mrppr version. It recognises the hashes but doesn’t crack them using rockyou.txt. Any tips?

If you use Kali there is an easy tool inside for this hash, check out gpp-d********

@canyin said:
Trying to crack the password but can’t use h*****t due to lack of proper hardware at the moment. Can someone PM me the good alternative which runs on ARM? Thanks!

edit. got it!

How did you manage to solve the problem?

EDIT: Actually got the User flag, didn’t expect that to be soooo easyyyy… Wondering how to get root; anyone got any advice?

@Ac1d0 said:
EDIT: Actually got the User flag, didn’t expect that to be soooo easyyyy… Wondering how to get root; anyone got any advice?

There’s a python toolset that can use the creds for user to find an even more privileged user. You could say it would have an “impackt” on your pentest.

@snowman418 said:

@Balzabu said:
EDIT: Actually got the User flag, didn’t expect that to be soooo easyyyy… Wondering how to get root; anyone got any advice?

There’s a python toolset that can use the creds for user to find an even more privileged user. You could say it would have an “impackt” on your pentest.

I tried almost every example in “impackt” but can’t see a way to get root… more tasty hints please?
EDIT: Got the hash, cracking it right now :smiley: !

@Ac1d0 said:

@snowman418 said:

@Ac1d0 said:
EDIT: Actually got the User flag, didn’t expect that to be soooo easyyyy… Wondering how to get root; anyone got any advice?

There’s a python toolset that can use the creds for user to find an even more privileged user. You could say it would have an “impackt” on your pentest.

I tried almost every example in “impackt” but can’t see a way to get root… more tasty hints please?

You’re in the right place, keep at it.

@Ammit said:

@Balzabu said:

@snowman418 said:

@Balzabu said:
EDIT: Actually got the User flag, didn’t expect that to be soooo easyyyy… Wondering how to get root; anyone got any advice?

There’s a python toolset that can use the creds for user to find an even more privileged user. You could say it would have an “impackt” on your pentest.

I tried almost every example in “impackt” but can’t see a way to get root… more tasty hints please?

You’re in the right place, keep at it.

Is -m 13100 hash -w 3 -a 3 ?l?l?l?l?l?l?l good for the cracking process?

I am also very stuck on this. I need a push. Very new to HTB and would like some help.

Completely stuck for way too long. Owned user pretty easily, and managed to pull admin hash. JTR is taking forever (6+ hours) and currently can’t use hashcat with my setup. I’m pretty sure I can gain access without having to actually crack admin, however none of the tools I’ve been using with impacket seem to be working. Have tried to pass the ccache! Any tips?? Sorry if spoilers.

Okay so I have cracked the hash for .xml file but then where to use it? I know it would be used to access some smb shares mostly but what would be the username? Tried running hydra with 6-7 usernames but then it’s not running at all…

@Divyanshu said:
Okay so I have cracked the hash for .xml file but then where to use it? I know it would be used to access some smb shares mostly but what would be the username? Tried running hydra with 6-7 usernames but then it’s not running at all…

Take a look at your file, all you need should be in there.

Got the root flag, if anyone needs help just hit me up in PM.