For the root stage, I can’t seem to give the Alf account the permissions that the hound suggests but I can creat my own user and give that permission. I can’t however give that new account permissions to login so I’m stuck.
Any hints please? I’ve been stuck on this bit for the last 3 days solid.
I’ve walked the dog. I’ve added myself to the things that link me to the thing I want. Clearly the dog says I’ve got what I want (three times, even), However. when I actually go to setup the object or priviledge, I’m totally lost
@btwiusearch said:
Rooted.
Tears where shed and joy was had but at the end of the day, my AD knowledge and windows exploitation is vastly improved. Three days for the root lol, just about as I was going to go to bed as well.
Has this weird thing happen to me, idk if this was the case with anyone else but just incase you are struggling with that error mentioned on the cat: you have a literal 10 second window before your privesc breaks. Might of just been me. You can use scripts to help automate this so you are in time to get something out of the cat.
I thought I was going crazy, but yes I noticed something like this…
I am really stuck with root on this one. Got the BH onto PS using EW-* but it doesnt give results. Tried remotely but getting heaps of dns errors. Very lost on what to try now
@shakaaa said:
I am really stuck with root on this one. Got the BH onto PS using EW-* but it doesnt give results. Tried remotely but getting heaps of dns errors. Very lost on what to try now
@shakaaa said:
I am really stuck with root on this one. Got the BH onto PS using EW-* but it doesnt give results. Tried remotely but getting heaps of dns errors. Very lost on what to try now
there’s a python thingy for the hound that works
that one puts .localdomain at the end of the domain name for no reason
I am really stuck with root on this one. Got the BH onto PS using EW-* but it doesnt give results. Tried remotely but getting heaps of dns errors. Very lost on what to try now
Desperately trying to get root for days now. Just give me a nudge: do I need to create a user and login with that user or can I use remote tools to get what i need?
Because I found an interesting privesc method, but I need to login to use it and I can’t find a way to do it. It could be useful to know if I’m losing time or not.
Desperately trying to get root for days now. Just give me a nudge: do I need to create a user and login with that user or can I use remote tools to get what i need?
Because I found an interesting privesc method, but I need to login to use it and I can’t find a way to do it. It could be useful to know if I’m losing time or not.
I used both of them. Using remote tool was the last step.
Desperately trying to get root for days now. Just give me a nudge: do I need to create a user and login with that user or can I use remote tools to get what i need?
Because I found an interesting privesc method, but I need to login to use it and I can’t find a way to do it. It could be useful to know if I’m losing time or not.
I used both of them. Using remote tool was the last step.
Just to be clear: you managed to login with a user you created on the domain, right? Not just the user needed for the initial foothold.
Thanks.
Desperately trying to get root for days now. Just give me a nudge: do I need to create a user and login with that user or can I use remote tools to get what i need?
Because I found an interesting privesc method, but I need to login to use it and I can’t find a way to do it. It could be useful to know if I’m losing time or not.
I used both of them. Using remote tool was the last step.
Just to be clear: you managed to login with a user you created on the domain, right? Not just the user needed for the initial foothold.
Thanks.
Hello to everyone.
Im kinda stuck, cause I can’t get output from Sharp or Blood even with specified domain/ldap port/domain controller and over also Ive tried exec bypass, with no results.
What should I use instead of Evil and any advice will ve apreciatable; thx