Heist

Rooted, it’s a nice box, good enumeration practice for Windows.

Lots of hints already in this discussion thread. For user, there’s one level of indirection to get another user using a well known method for enumerating users on a well known port. For root, look at what’s running, which user is running it, then look for data.

PM for hints.

Hi :slight_smile: if there is some “bruteforce” for login to a service, is a small wordlist with u****me ok? Otherwise it is very long

@christrc said:

Hi :slight_smile: if there is some “bruteforce” for login to a service, is a small wordlist with u****me ok? Otherwise it is very long

you don’t have to bruteforce anything

Problem with username … seems not to be working … (works in s**) but not in a service on a higher port :confused:

Finally Rooted :tongue: @MinatoTW A good box, for me it was a new approach on the Root PrivEsc. However, it was fun.

3 usernames and passwords that don’t work anywhere, is this to throw you off?

Hints for user:

  • Creds aren’t useless
  • The hash is not a rabbit hole
  • You need to find more than 3 users
  • Check that ruby code posted before

Going for root now

Edit: Hints for root:

  • Weird things running on the machine
  • There’s some nice loot within those weird things

@juggydancesqd said:

3 usernames and passwords that don’t work anywhere, is this to throw you off?

Careful saying they “don’t work anywhere”…

Thanks for the help everyone, I was able to root this box. Props to @V1s3r1on, @gexus, @zkvo, @0x6a666c6a72, and @sazouki for making my 1st Windows box on HTB a success. I went to your HTB profiles and gave you all respect. Thanks again

Got user, thanks @Silv3rDawg23

Rooted. Pretty much all you need has already been said in this discussion. Feel free to PM me if you are pulling your hair out xD

Rooted.

If you need a nudge in the right direction, feel free to PM me.

Guys, I’ve a set of usernames apart from the initial 3, and passwords, but when I try all combinations it won’t work! Can anyone help me??

For root, is the k***.** file a rabbit hole? There doesn’t seem to be a l****.**** file to go with it…

Rooted. If anyone wants a nudge, shoot me a PM

Rooted Finally :slight_smile: Thank you @paulieh and @odinshell respect has been given!

Could anyone give me a nudge on user? I have 3 passwords and 2 users, but they don’t work.

ROOOTED!!!

AND I REALLY ENJOYED IT!! Thanks to the maker!

Somehow Windows machines are always different and there is always something new to learn. This one has been pretty fast but I needed to learn new tools and ■■■■… so cool!

A few hints:

User: if you have 3 passwords but nothing fits, there is an impacket tool.

Root: I don’t know if I have been lucky but I noticed some processes I usually see on real machines but not on HTB. The first attempt gave me everything very clearly, 1 tool is needed.

If you get stuck, PM for any hint.

Rooted. Thank you @naveen1729 for your help and of course thank you @MinatoTW for a great box.

For root

  • Enumerating the home directory including hidden files is always important.
  • Don’t stick to Chaos too much.

Why can I only find two users and passwords?