Footprinting medium machinr

Ah, I see…
I hate when HTB does these kinds of stuff, not the first time. I understand that we need to learn but this is just stupid. I like the content but the tasks are horrible at best. Might need to rethink if i want to use this service anymore.

My question to HTB staff, how can I know this if I have never even encountered it before? How can I research into something that I did not know was possible?

check the characters, some may not be what you think they are.

Please what command did you use to mount the nfs

Please share your commands

Do you still need help?

I have the sa password but cant use the sa password with administrator, it says wrong credentials. am i missing something?

Yes, i cant open the mounted NFS file, it is showing permission denied. Even though, i tried to create another user with the same userid and group id. i can’t still access it. I will appreciate a step by step guide. Thanks

[koleademola] try to read this all :wink:

For anyone struggling to connect to the machine via RDP, try using Remmina as some others have previously stated. It took me too much time to manage to log in via RDP with the correct credentials when using xfreerdp, which was returning an error STATUS_LOGON_FAILURE (which prompted me to think it was the invalid credentials). This is the experience from the Pwnbox, not sure if it’s the same via VM, but thought to give some help in case somebody gets stuck with this same problem.

Good luck!

1 Like

just look at the cheatsheet. there wil be something under NFS

RDP is not working at all for me ugh. I found the username and password but nothing is working :confused:

Are you not able to log in with any user via RDP at all?

This helped a lot thank you so much!

njutn95’s recommendation of using Remmina worked perfectly. But thanks for getting back to me so quckly!


Well I was able to get RDP’d in, but I have no idea how to find the password for MSSQL

Edit #2:
Nevermind I found it, was looking everywhere except the alex directory.

net user should give you the list of users in box;
guest, user1, User2 ;

using powershell/cmd
runas /user:<user> program.exe

choose windows authentication on MSSQL authentication method;

to enumerate MSSQL server follow guide below.
[1433 - Pentesting MSSQL - Microsoft SQL Server - HackTricks]( hacktricks MSSQL)

Thanks bro

Hey @ramps14 how do you find the “important.txt” file?

forget my question @ramps14 I found already the “important.txt” file

Many thanks for your root squash hint!
I thought I was blocked by the server authentication and wondering why the enumeration tools can read the file list but I cannot …

there is no MSSMS or mysql port open Any hint