I believe that the official write-up of the “Devel” machine should be revisited. During the privilege escalation we encountered some problems because the web server user “IIS APPPOOL” is not in the administrator group of the system, so it’s not possible through both the metasploit exploits suggested by the write-up (windows/local/bypassuac_eventvwr & windows/local/ms10_015_kitrap0d) to obtain the root.
In my case, i obtain the system through an known exploit called “MS11-046”. I uploaded the exploit in .exe format into the directory “temp”, executed it, and migrated the shell to the new binary system process.
I hope i’ve been helpful to the hackthebox community and to all those people who failed to get root. In any case the machine was really stimulating and relatively easy.