Active any hints

HTB Content Machines
161

@takuma said:

@masusekhan said:
hi all - can anyone hive me a dm for the hint i am having a user and its encrypted password perhaps but bit of a lost, seems i am in a right direction. Thanks

Just decrypt it with popular tool :slight_smile:

by the way, donā€™t forget the correct parameter and common dict.

thanks. rooted yesterday itself. nice experience.

162

A good machine. Taught me some neat things about AD, how to wield a new set of tools, and general authentication methods in the Windows operating system.

163

Do I need to go beyond the Sc*** shell to get to root? I know I can do more research but everything Iā€™ve read seems to say I need Powershell.

Thanks!

164

I guess someone maybe messes up the machine because I can get a shell with system permission.

165

Can anyone PM me with any hints on privesc?

166

Rooted! This box is awesome. Learned a lot!!

Feel free to PM if you need hints!

167

This is the box which really taught me lessons! was a very nice experience.

168

Thanks Rooted

169

ok, I know i can connect to a hidden share as annoymous, but this does not seem to do much for meā€¦ I suspect i need to connect as a userā€¦ were do i find the user/credentials? one of the other services like ldap maybe? please help :slight_smile:

170

I know i can put files and get files also on this service, but i dontā€™ know what to put or get, lolā€¦

171

Hello,

I still didnā€™t get the initial foot in. I enumerated the server and found many services.
I can read that first step is getting something from the S** service. I used many diferent tools such as e4x and sct or nlx, but they all return null results. I canā€™t enumerate anything further on this service.

Did you guys manage to enumerate it with tools normally?

Thank you and regards :slight_smile:

172

found it! :slight_smile:
finding which i could have read access to help.
this cool was great
smbmap

173

I need a nudge on getting user. I think I am looking in the right place, just need a nudge.

174

rooted, so much learning and so much i will be using for a long time!
thanks to @mcruz for pointing me in right direction and thanks to Tim medin for creating awesome lecure videos :slight_smile:

175

Rooted! Thanks to 0zcool for help regarding using command with the right parameter.This box taught me a lesson. It was fun. You donā€™t need shell to get root.

176

I have the pass GPP but not found the user.
i need help xd

177

@kamee said:
Hello,

I still didnā€™t get the initial foot in. I enumerated the server and found many services.
I can read that first step is getting something from the S** service. I used many diferent tools such as e4x and sct or nlx, but they all return null results. I canā€™t enumerate anything further on this service.

Did you guys manage to enumerate it with tools normally?

Thank you and regards :slight_smile:

Thats right you need to get something from the S** service, but use an another tool.

178

@xplo8 said:

@xplo8 said:
Can anyone confirm that they are able to get the share access still. Need to understand if itā€™s just me. Using certain null tool with -all and ip, still nothing. Ping working, nmap detecting open ports. Anyone willing to PM help me?

Hey everyone, in case you run into this itā€™s handy to specify protocol version if stuck. I was using the right commands fro hours and finally had it work

Thanks, i got into the same problem for hours, I just needed to specify SMB2

179

@sckull said:
I have the pass GPP but not found the user.
i need help xd

sure you didnā€™t find it? ^^

180

I got user.txt but Iā€™m a little stuck on root, any suggestions?