Mantis Writeup

Been a long time since I logged in for sure… Life has been busy :). Here’s my attempt to sum up the mantis machine:

HackTheBox - Mantis writeup

Note: I’m also changing my blog theme and therefore everything will be moved in few weeks. Will update the links once I do so! Enjoy…

very cool

Sorry.I have a question.
How could we know james can logon in the sever use pyexec?

Well, we didn’t. In fact, this method wouldn’t work normally. All of the shares we had access to as james were “non-writeable” and therefore we wouldn’t be able to get a shell using this technique.
Reason why we got psexec to work is that the author of the box forgot to clean after himself. He left a certain service running which allows all the communication to be done through windows pipes. We are able to to overtake this pipe and get a shell… @ponder

I’m very sorry for my late reply, I don’t really check the forums often. Time is tight. If you want to get into contact you can try my twitter. It’s the same handle as HTB :slight_smile: