Mantis Writeup

V3ded · February 27, 2018, 5:53pm

Been a long time since I logged in for sure… Life has been busy :). Here’s my attempt to sum up the mantis machine:

HackTheBox - Mantis writeup

Note: I’m also changing my blog theme and therefore everything will be moved in few weeks. Will update the links once I do so! Enjoy…

peek · February 28, 2018, 12:09am

very cool

ponder · March 8, 2018, 1:37pm

Sorry.I have a question.
How could we know james can logon in the sever use pyexec?
Thanks!

V3ded · March 25, 2018, 4:21pm

Well, we didn’t. In fact, this method wouldn’t work normally. All of the shares we had access to as james were “non-writeable” and therefore we wouldn’t be able to get a shell using this technique.
HOWEVER!
Reason why we got psexec to work is that the author of the box forgot to clean after himself. He left a certain service running which allows all the communication to be done through windows pipes. We are able to to overtake this pipe and get a shell… @ponder

I’m very sorry for my late reply, I don’t really check the forums often. Time is tight. If you want to get into contact you can try my twitter. It’s the same handle as HTB