I tried to connect wia xfreerdp as Administrator with SA password but all my attempt are in wain.
Which RDP connect you used?
Try it with Remmina
The connection with the server is so bad remmina always disconnect. Sometimes I cant even ping IP. Its weird. Anyway thanks a lot.
Maybe you should change the VPN access.
thanks a lot that was useful to read the nfs shares
I just got the flag.
a few issues that I had which might help others out.
1:xfreerdp i got to work once, it kept saying it couldnt log in so i used Remmina like PayloadBunny said but i still got disconnected alot! if your having a hard time getting connection just wait a bit, it will work.
2: I got stuck at the sql log in as well, once you got the password for ‘the other user found on the system’ you need think of this as windows vista when you ‘run’ ssms.
1 Like
When you say ‘you need to think of this as windows vista’, what do you mean by that?
You might have to right click on the short cut and do something.
Ok I got it… about 3 hours here but ok finally it is done!
Some hints here:
- NFS at first… don’t forget be root there
- You will find lot of txt in somewhere… use ls wisely and then you got the txt you looking for
- Use Remmina for RDP… it has GUI
- Have to find another password to gain access to MS SQL
Ok there’s a few steps more but you have to find them… good luck and don’t give up!
2 Likes
I got the first username and credentials but now the xfreerdp doesnt work... I get the "protocol not specified error" and I cant manage to install REMMINA in the instance… I can`t reboot… any hints 
No! I`m struggling as well!
Hello! I keep diggin in the DB but no luck yet! Any hints?!!!
what user can see everything in your computer?
2 Likes
I found the credentials so I can login to “SQL Management Studio”
But I’m totally confused / I am completely lost when I try navigate to find the
needed information in the database/tabs, when I try to use “SQL Management Studio”.
MSSQL and SQL are really not in my comfort zone.
Can anyone help me with hints, please ?
2 Likes
You first need to mkdir 'NAME OF NFS SHARE" then mount that share. if you can not mount it and get an fstab error use sudo to mount and access it
In this type of work there is no true comfort zone. Think back to all the stuff that’s been suggested up to this module and in this module. It’s important to do suggest modules prior to these modules because it helps build fundamentals you might be overlooking.
You need to be in as another user not the first user. If you’ve found both creds in areas then enumerate the access and users on the first set of creds. What users are available on that machine? Think back to enumeration and recon. Common bad practices are re-use. Try different stuff we’ve gathered as recon.
OR if you mean how do you find things within the DB then refer to the link originally posted in this chat. Think about how to craft SQL statements. a “WHERE” statement might help when you at least figure out how to pull the proper tables.
1 Like
Did you find why ?? I’m stuck as well
Same situation here. Logged in MSSMS and lost…Maybe you found a way since you posted. Can you give me a hint?
P.S. nvm i solved it with help from Discord. For anyone still struggling, new to SQL (as myself), this is the query to execute: select * from accounts.dbo.devsacc where name = ‘htb’;
3 Likes
Hi!
Same here. Any luck/hint for us? And what about the info from the stop? Is it useful somewhere, or it is just a reminder?
P.S. nvm i solved it with help from Discord. For anyone still struggling, new to SQL (as myself), this is the query to execute: select * from accounts.dbo.devsacc where name = ‘htb’;
1 Like
Very nice box - thx. Just use what you learned in the previous chapters. It will lead you to the goal.
1 Like