Cascade

any pointers on the RE of the .exe?

@Hevve18 said:

any pointers on the RE of the .exe?

Not much RE required really, just use what you already have

@Hevve18 said:

any pointers on the RE of the .exe?

Find out what framework was used to create the exe and then find a decompiler that specialises in that (there are several, for both Windows and Linux). Once you’re using the correct tool, it’s pretty much the easiest RE there is.

Hey @VbScrub,

I’ve found the user creds for A***c. But I’m having trouble popping a shell/finding the user.txt. No dice on W**R. I feel like I’m missing something pretty obvious given the creds are meant to be the hard part. Any nudge would be appreciated.

Cheers.

@ReaveR said:

Hey @VbScrub,

I’ve found the user creds for A***c. But I’m having trouble popping a shell/finding the user.txt. No dice on W**R. I feel like I’m missing something pretty obvious given the creds are meant to be the hard part. Any nudge would be appreciated.

Cheers.

You should be able to pop a shell via the evil tool.
The user.txt is “in another castle” that you already discovered earlier :wink:

@HomeSen said:

You should be able to pop a shell via the evil tool.
The user.txt is “in another castle” that you already discovered earlier :wink:

Thank you! I got user, I was so close for so long!

Thank you @VbScrub I’ve learned SO much from this box so far, it’s invaluable.

Edit: Also, rooted. Very fun!

@ReaveR congrats, and glad to hear that you enjoyed it and learned a lot :slight_smile:

Me being a huge fan of Australian cricket … I loved that @VbScrub you used the name Steve Smith … thanks for a great box … looking forward to your other boxes too…

Got user, it was a pretty simple step. PM if you need help on this step.
Working now on getting root.

C:\Users\Administrator\Desktop> whoami
cascade\administrator

Finally rooted :smiley: Thanks @VbScrub for a nice box, I’ve learned a lot.

Think I found all the dead guy stuff on the three letters…looked at it under 3lites and got lots of info…not sure what to do with it next though…pls hint/help

@VbScrub
rooted.

Great box! I always end up learning more and more from your boxes. Thank you, I’m waiting for your next box.

Thanks for this great machine, man @VbScrub, I have learned a lot from it.

Name of this machine should be Inception. Enum in enum in enum… :smile:

@VbScrub it was like a journey! Great opportunity to master tools like PowerView, ldapsearch, some decompilers and much more… even if not every one of them is necessary for this box.

Got root! Good box. The most difficult thing in this machine is the initial foothold.

I got the third user, but I don’t know how to get root. Anyone, HELP. HELP.

@0toolv5 said:

Ahahaha. Got root. I am so stupid with Windows boxes :relaxed:
User is easy, but u need to keep the chain in mind
ROOT!:
So, when u got all info, users and know all about this box, check who u are, what u can do, and use one PowerShell command which has a special argument for the parameter.
Good luck and thanks to @VbScrub !

I got the third user. Tried to restore some service, but got insufficient access rights. Is it a rabbit hole?

Could I get some help with reviving… The commands I’m running are throwing errors and I can’t find much more about the topic…

@shaoyongyang @Hevve18

You don’t need to restore/revive anything. Think about it. If you did that, it would ruin the machine for everyone else because now they would just have access to that thing straight away. So an HTB machine can’t be made with something like that as the solution.

Having said that, you’re on the right track. Just inspect the item instead of trying to restore it.

Thanks @VbScrub. I got root.txt, as you said, very easy. @Hevve18 it’s just enumeration, I think you saw it, but you just need one more parameter to show it. VERY GOOD MACHINE.