Dropzone

m9rcin · May 20, 2018, 1:25pm

People say :
“It’s easy, but not THAT easy…”

LOL

m9rcin · May 20, 2018, 2:56pm

20h live and only 9 users have user and root. Quite surprising for 30p. machine …
Interesting box. I’m getting closer, but still not yet there.

genxweb · May 20, 2018, 2:58pm

i had issues yesterday where the box was hung. scan just sat there hours then completed with nothing. On top of that all the user resets and that is on a vip connection. Can only imagine the free box.

m9rcin · May 20, 2018, 3:00pm

i have good stuff already. Trying figure out how to execute code. Have idea, but need to verify.

onlyamedic · May 20, 2018, 3:12pm

A big issues yesterday I was having was that while I was scanning the box got reset & kept messing it up. Keep your eyes open for ppl resetting

jugulaire · May 20, 2018, 4:04pm

I’m VIP and it’s really hard to get something out of nmap on this box !
The big amout of reset is not the only issue over here. Need to figure out how to bypass firewall

3mrgnc3 · May 20, 2018, 5:14pm

@jugulaire said:
I’m VIP and it’s really hard to get something out of nmap on this box !
The big amout of reset is not the only issue over here. Need to figure out how to bypass firewall

Maybe you scan it wrong?

m9rcin · May 21, 2018, 9:47am

This box drives me crazy. I gave up yesterday cause I was tired. I have exact version of Windows including patch level. List of services present and tones of other info. And still only hitting the wall …

m9rcin · May 21, 2018, 10:19am

@macw141 said:
This box drives me crazy. I gave up yesterday cause I was tired. I have exact version of Windows including patch level. List of services present and tones of other info. And still only hitting the wall …

Let’s do not forget about administrator hash which I have as well. WTF?!

eks · May 21, 2018, 12:20pm

Finding the needle in the needlestack

bagy · May 21, 2018, 12:25pm

May sound silly, but Is bruteforcing any of the account hashes necessary?

m9rcin · May 21, 2018, 12:28pm

@bagy said:
May sound silly, but Is bruteforcing any of the account hashes necessary?

Tried, not “rockable”, but it does not matter. Both - hash and password seems to be useless in these condition. Earlier comment about needle - I know this is IT, but how?

m9rcin · May 21, 2018, 12:31pm

@eks said:
Finding the needle in the needlestack

Is there any pragmatic, logical way or just a matter of a “blind shot”.

H4d3s · May 21, 2018, 12:34pm

finished the box ! PM if you need any hint

jugulaire · May 21, 2018, 7:06pm

I’ve find the entry point but i don’t find a way to get into …

rjesh · May 21, 2018, 9:06pm

@haditux said:
finished the box ! PM if you need any hint

Too soon for hints friend - let them play a bit more

H4d3s · May 21, 2018, 9:52pm

@rjesh said:
@haditux said:
finished the box ! PM if you need any hint

Too soon for hints friend - let them play a bit more

True

kamalawy · May 21, 2018, 11:11pm

i am afraid that i have to read the registers, is it so ?

kamalawy · May 22, 2018, 8:09am

any direction for “File Not found!!! -241”

Glasgow · May 23, 2018, 1:40am

Is the intended way to get a shell? or to “iterative” the contents to learn the locations of the txts?

Topic		Replies	Views
Netmon Machines machine	831	107151	April 7, 2023
Fulcrum Machine Machines	11	1653	June 9, 2018
Control Machines	293	45648	April 25, 2020
Monteverde Machines box	587	89042	June 12, 2020
Lightweight Machines	390	70511	August 9, 2019

Dropzone

Related topics