Hello!
I’ve got the svc…o Account and the password. But I don’t know how to continue.
Thanks for a nudge in the right direction via PM.
Tried GetU…py. No results with this account.
EDIT: Thanks, for the nudge in the right direction. Didn’t know, that evil… existed.
i made a tool to assist for foothold,
Read the comments at top of the script before running! very crucial
It wasnt created in regards to this machine, just in general and i thought it would help some people who are stuck here.
finally got root and at the end with all hints within this thread this was a great experience. Thanks for that … even if I had some headache due to device resets 
Learned a lot!
No hints since all you need is already there.
@idevilkz said:
I am stuck same as you are @101001101029A
mimikatz won’t work unless you are an administrator afaik.PM me so we can work on this together as I am failing to get dsacls to work for me to enumerate my newly created user.
Any progress from you? I am stuck here as well. Not sure what to do…
Type your comment> @awarkozak said:
@idevilkz said:
I am stuck same as you are @101001101029A
mimikatz won’t work unless you are an administrator afaik.PM me so we can work on this together as I am failing to get dsacls to work for me to enumerate my newly created user.
Any progress from you? I am stuck here as well. Not sure what to do…
@awarkozak after much head bashing, I had assistance from couple of members and got through.
I was doing most of it right, and was only struggling elevating my privileges but I found out I was using syntax wrong.
For all new user like me, who are stuck for the root part.
+++ You need to make your new user have some special privileges within the domain
+++ for those special privileges you need to have understanding of how Active Directory stores its permissions related data in a context (hint).
@idevilkz said:
+++ You need to make your new user have some special privileges within the domain
+++ for those special privileges you need to have understanding of how Active Directory stores its permissions related data in a context (hint).
This is exactly what I’m having trouble with
I’ve finished this box and it seems like there are at least 2 different approaches (using different tools) to priv esc. One works, the other doesn’t - or at least it didn’t work for me. Trying to understand why the one method doesn’t work…anyone available to explain why?
Got user flag in about 15 - 20 minutes but I’ve spent days trying to get root flag with no success. Can someone please PM me with a nudge? I have the network mapped out with bloodhound, just having trouble finding a way to take advantage
Got root, does anyone know why you have to get someone to walk the dog rather then walking it yourself?
Type your comment> @awarkozak said:
@idevilkz said:
+++ You need to make your new user have some special privileges within the domain
+++ for those special privileges you need to have understanding of how Active Directory stores its permissions related data in a context (hint).This is exactly what I’m having trouble with
read up on DCSync rights.You are nearly there
Help badly needed with root. I can create a new user, add him to two groups found by the dog, two others for remote access, but I’m still unable to run I*****-A*****.ps1 and/or m******z.
I think I have to add him to some local group, but I’m unable to make it work.
Hi,
Can someone give me a hint on how to get the users hashes?
Thanks!
isn’t the administrator enough?
Stuck trying to get root. I was happy being evil and I chased the path of the dog which seemed to work until I got to the end and I tried invoking the cat to take a bath but he wont get near the sink.
I thought I was really close but after reading all the comments here I see a lot of folks refer to adding their own accounts to the box but I can’t figure out how they did that. I think my dog was barking up the wrong tree and now I’m completely lost. Any body have any pointers to help me find the right trail?
Big thanks to @idevilkz for helping me out and pointing down the right trial!
Hi, I am stuck as I am not used to AD on windows machines… Got the user an his pass but am totally unaware what to do with it now!
I would prefer more than a nudge, maybe someone is willing to become my mentor?
Please PM!
I just got this one finally! Really nice to learn some new tools v impressed by the Dog tool particularly. Also surprised how Root took so long even after i figured out what i needed to move forward.
my advice for root is not to bother with all these pre-made auto-pwn scripts/tools out there when trying to gain your “special permissions” because they don’t work from my experience. Once you work out the name of the permission you need you can acquire it yourself with powershell, google will show you how. The bit that really screwed me over was i left off the keyword ‘All’ Once you get this bit the rest will be easy
i need help on root please i have the admin account, but now i am stuck
nevermind i am an idiot
Guys i don’t get it. I mean is the dog even usefull or does it only show wrong paths?
I don’t see any path to get dsc permissions except over Ex*** Groups, wich didn’t work for me and a lot of people. Stuck
Very nice box with a steep learning curve for anyone unfamiliar with AD - showed me my shortcomings quite nicely