Check your user privileges carefully
everything is on the other network, you should better search on a “domain”
I’ve found the DC for the “D****.local” domain, I’ve found a password for “mb**", cracked SAM passwords for "ad*”, and “m*b**”.
I’ve ran “blh*” on the domain and can’t find any new information, I’ve tried the list of discovered passwords and discovered usernames from the different machines as well as the “******.xlsx” file from the DC against other machines including ws-01 and sql01 and still no luck.
Update - I’ve found a password for “Mr***”, not sure where to go from here, pretty sure its something to do with Poly but looking at the SV** folder didn’t prove fruitful, any hints?
if you found the *******.xml file you are close to your goal.
Can someone please give me a nudge on DANTE-WS01? I am trying the M**** Shell Write to C:\x***\ht*** but doesn’t seem to work, tried different paths as well
Anyone able to DM me for a hint on SQL01 and WS-02? I have rooted every other machine including admin subnet. Thanks!
Hey, everyone!
I need a bit of help in Dante (can DM if that is more convenient) . I have completed the following machines:
DANTE-WEB-NIX01
DANTE-DC01
DANTE-NIX03
DANTE-NIX04
DANTE-WS01
DANTE-W03
I think I got as many credentials as I can, including interesting excel spreadsheet, admin notes on user M***t, etc.
But now I am really stuck. Spraying creds on smb, ftp, ssh, winrm, mssql, mysql did not lead to anything. Brute forcing them does not give anything either. Jns machine was brute forced with the aquired creds, also nothing. I guess pS*se machine is out of scope.
I am not sure what I am missing. I went back on compromised machines, got hashdumps, got the creds which I found during inital footholds on compromised machines. rockyou brute force does not lead to anywhere.
The machines I have left are:
.5
.10
.19
.101 (DANTE-WS02)
If anyone could give me a hint, I would really appreciate it. Not sure what I am missing.
TIA!
Anyone able to DM me a hint about NIX05? I’ve located the user m******* and the **H service but none of the passwords I have were successful. I have to be missing something.
I have questions about machine dante-ws02 anyone give my hint about initial access
Feel free to DM me and let me know what you’ve tried.
hello guys, i’m new here
i decided to try out dante, but… i’m stuck on the first machine ( 10.10.110.100 )
i found out .swp file, so i’m trying to use the informations stored in there to generate cookies using a script… but i sent maaaaaaaany ( like, MANY ahah ) of those cookies and i still cannot login as admin
probably i’m getting stuck on the wrong way to get in, so can i get a hint please?
I would read the thread here with some insight for others who have been stuck on the .100. There’s also the medium article that’s been posted a few times that has some good insight on getting the foothold amongst other tips.
PM me if you have any questions. Happy to give a nudge.
2 Likes
Hello all !
I have a few questions about the second subnet. I found it but I am not sure to really understand how th e connection between the two subnets is working. Can I DM anyone that understood this 
Thanks !
any one on available to help with dante lab? Im at the very beginning. Found the word press site and login. Used cewl to create wordlist and made a userlist based on all names found on the wordpress site. Meterpreter wordpress bruteforce tool confirmed two usernames as vailid a---- and j---- but so far brute forcing with the cewl worldlist and rockyou not coming up with anything.
Maybe use other than metasploit
is pf*se machine out of scope?
New to Dante. Been working at it for a while. Found some things. Having an issue with the ****.txt file. The file talks about another site and DNS name but I’ve not been able to find them. Was hoping I could get a nudge in the right direction.
Hi!
I’m also new to Dante and having trouble figuring out the foothold.
I found the ****.txt file but from there I’m stuck. Any nudge in the right direction would be appreciated.
i got the foothold
now stuck on getting revshell working