Can someone please help me with the below challenge or point me to the correct the redirection?
What's the content of the file: \\DC01\Secret Share\flag.txt?
Can someone please help me with the below challenge or point me to the correct the redirection?
What's the content of the file: \\DC01\Secret Share\flag.txt?
I am monitoring the ticket with .\Rubeus.exe monitor /interval:5 /nowrap
on Server01$ (unconstrained delegation) but looks like I am missing something.
I could use help on this as well, not sure what I am missing here but I cannot figure out how to access the share. Thanks!
I got it… make sure to open your powershell as admin. And renew the ticket
Try using the command type \\DC01\Secret Share\flag.txt
at your computer’s command prompt to view the contents of the flag.txt file located in the Secret Share share on the DC01 server.
I am running rubeus and after rebooting several times there is a user called jake. Did you solve it using the jake user or was there an other user?
thanks
did you ever figure it out? the user jake is not a domain admin and i tried the printer bug, that didnt work either.
nothing works i even used ptt with mimikatz but they user jake.kirk doesnt have the proper permissions
Update: got the flag, it is a simple case of overcomplicating of my side.
Leaving the hints below for the future, and a non-technical one: don’t think privesc, think access.
Seems that I got stuck here as well:
Anyone knows what am I missing?