I was trying really hard not to ask for help, but i have been stuck for about three days. I have all 3 users, but i cannot get execution via SB or W**M for any of them. I have gone back through my enumeration, and tried to manually connect and run PS commands but i get authentication errors / access denied errors. Could anyone PM me and give me a slight nudge? Thank you!
@nelifus said:
I was trying really hard not to ask for help, but i have been stuck for about three days. I have all 3 users, but i cannot get execution via SB or W**M for any of them. I have gone back through my enumeration, and tried to manually connect and run PS commands but i get authentication errors / access denied errors. Could anyone PM me and give me a slight nudge? Thank you!
As many already said, enumeration is the key here. The data you need is there you just need to look for it. What helped me is to check each user and see what differs between them.
Once you have more privileges, you can continue your enumeration and find more paths which include interesting data.
Root:
If you read all the data from previous enumeration, you should know that a certain user might hold the information you need.
“When you delete something, you’re making a choice to destroy it. To never see it again.”
— Elliot Alderson, Mr. Robot, season_3.0: eps3.7_dont-delete-me.ko
At first sight I did not really like that box but after the first step was done - just awesome how it all comes together! Thanks @VbScrub for the machine!!
@htbuser01 said:
At first sight I did not really like that box but after the first step was done - just awesome how it all comes together! Thanks @VbScrub for the machine!!
Wasted so much time on the foothold by querying a higher port because a lower port initially timed out. The information you need is not present in that higher one. Don’t make my mistake.
Secondly, a certain cook gave me a meal that wasn’t 100% what I ordered. Don’t know why but if you notice the dot, just guess what they missed. Props to @TazWake for helping clarify that.
Ahahaha. Got root. I am so stupid with Windows boxes
User is easy, but u need to keep the chain in mind
ROOT!:
So, when u got all info, users and know all about this box, check who u are, what u can and use one powershell command which has a special argument for the parameter.
Good luck and thanks to @VbScrub !