I believe that the official write-up of the “Devel” machine should be revisited. During the privilege escalation we encountered some problems because the web server user “IIS APPPOOL” is not in the administrator group of the system, so it’s not possible through both the metasploit exploits suggested by the write-up (windows/local/bypassuac_eventvwr & windows/local/ms10_015_kitrap0d) to obtain the root.
In my case, i obtain the system through an known exploit called “MS11-046”. I uploaded the exploit in .exe format into the directory “temp”, executed it, and migrated the shell to the new binary system process.
I hope i’ve been helpful to the hackthebox community and to all those people who failed to get root. In any case the machine was really stimulating and relatively easy.
I believe that the official write-up of the “Devel” machine should be revisited. During the privilege escalation we encountered some problems because the web server user “IIS APPPOOL” is not in the administrator group of the system, so it’s not possible through both the metasploit exploits suggested by the write-up (windows/local/bypassuac_eventvwr & windows/local/ms10_015_kitrap0d) to obtain the root.
In my case, i obtain the system through an known exploit called “MS11-046”. I uploaded the exploit in .exe format into the directory “temp”, executed it, and migrated the shell to the new binary system process.
I hope i’ve been helpful to the hackthebox community and to all those people who failed to get root. In any case the machine was really stimulating and relatively easy.
See ya!
Can confirm that the met******* exploit does not work. Using Mingw and compiling the code in an exe and uploading it will get you root