Hello! I am working on Windows Attacks&Defence module. I couldn’t connect to the PKI server (172.16.18.15) in the PKI-ESC1 attack section. The server seems down or don’t accept the connection.
I tried to connect using the attacker machine (Kali) and Bob’s WS001 (Windows). Neither of them worked. You guys have a clue on how I can connect to PKI server? Thanks.
3 Likes
Edit: I found the text in the lab that should get it to work. They really tuck it in there and you’ll miss it if you’re not reading the lab in it’s entirety which I guess I should be doing more often lol
It’s at the end of the lab. Just gotta use PSSession instead.
2 Likes
You have to wait for 10 min to everything boots up
@jaybeeayyy I am stuck on the part to use the cert.pfx on windows machine it gives me an error any clue?
same, did you solved it?
Sometimes PKI just does not start at all. Make sure to check it with “ping PKI”
1 Like
Anyone solved this?, I’m getting this error message below when I use Rubeus
“kdc_err_padata_type_nosupp”
Same here! Did you figure this out?
Make sure to follow the instructions where it says wait 7-10 minutes before issuing new cert. that was my issue.
Struggling with this module. I was initially able to RDP into WS001 (Bob) from within my RDP to Kali. But now, I keep getting “the trust relationship between this workstation and the primary domain failed” error when RDP’ing to WS001 from Kali. Have respawned the VMs multiple times and waited over 20 minute each time with no luck. Really unsure what’s happening, as I know it worked before but just now decides not to play… So frustrating when it feels like I’m spending most of my time troubleshooting connectivity as opposed to actually going after the learning objectives of this quiz.
1 Like
Im deal with the same issue. I used my own machine but that started to give issues as well
For all who still struggle, I found the troubleshooting somewhere which resolved my issue.
There is one command in the “cheatsheet” which lets u in PS remotely without a problem.
Although you cannot ping the PKI machine but this remote command surprisingly reaches the machine and helps u find the answer.
After getting that message, hit enter so it asks for a new user/password and, instead of entering anything, restart the machine from within that window. It might take a few tries. I also ran into a certificate issue which I fixed with sudo update-ca-certificates. Again, that might take a few tries.
Follow the command in Cheat Sheet PKI - ESC1 to connecto to PKI machine (xfreedrp and ssh won’t work)