Need anyone available rn to give me a nudge real quick.
I have one bit that has me confused and could use some help.
@lesleybw said:
Need anyone available rn to give me a nudge real quick.
I have one bit that has me confused and could use some help.
Are you still stuck?
I found credentials for T*r using the lower port but I didn’t figure out how to use them except to find this one file inside the users home directory.
I found a lot of directories using t on the higher port but I can’t do anything else here.
Running queries is obviously not the key. But I can’t get into any of the interesting directories with the credentials I got so far. On the higher port I was only able to list directory content, nothing more.
What am I overlooking?
Oh, and sorry for not reading through 29 pages of discussion (I made it through nearly half of it, though…)
need some advice on what to do with the debug command. i guess i have to find the administrator’s hash somewhere?
@paidtheprice said:
need some advice on what to do with the debug command. i guess i have to find the administrator’s hash somewhere?
yep
Type your comment> @xInSanity said:
a nudge for linux users : use telnet not nc for the other port
you can delete if it considered a spam
Oh boy ! Thanks a lot ! I was getting crazy(ier) …
Type your comment> @PtiRasta said:
Type your comment> @xInSanity said:
a nudge for linux users : use telnet not nc for the other port
you can delete if it considered a spamOh boy ! Thanks a lot ! I was getting crazy(ier) …
You are very welcome
respect if i kept you sane haha xD
@VbScrub Kudos on this box. I really enjoyed the start to finish of going through this without any CVE exploits, just enumeration and ingenuity.
The empty file remains empty though I already tried the “data” thing. Maybe I am doing it wrong!? Can someone PM me?
Edit: I. AM. STUPID. Got somehow confused. Forget this post.
finally got root! what a journey (for me) excellent work @VbScrub. thanks to @TazWake and @ivnnn1 for some nudges
Type your comment> @CodeGlitch0 said:
@VbScrub Kudos on this box. I really enjoyed the start to finish of going through this without any CVE exploits, just enumeration and ingenuity.
thanks, that’s exactly what I was going for with this 
finally rooted, thank’s @VbScrub for this box.
this is my 1st experience in windows box, i learned a lot.
thanks a lot to @TazWake for the nudge
Holy Molly! This is definitely not an EASY box… Finally Rooted. Reverse coding, disassembling of .exe, cryptography and A LOT of ENUMERATION! But that was fun)
What can I say… Just →
Hello guys I am stuk on enumeration, even There is only one available Port… I see that the target machine run SMB,I tryed everything, googling,dirb, dirbuster,NSE,Legion, nikto, I tried several exploit I found with searchsploit by terminal, nothing, nothing is working… Please someone can help me with suggestions,article,or write up of retired machine that are like this? Thanks.
Just rooted it, but had to do few bits on a Windows machine. I am wondering if someone could let me know how the Priv Escalation part is done on Linux?
Learn good few bits and pieces and most importantly, learned that I still sucks at Windows “hacking”
Thanks a lot for the box…
@CyberGeek01 said:
Hello guys I am stuk on enumeration, even There is only one available Port… I see that the target machine run SMB,I tryed everything, googling,dirb, dirbuster,NSE,Legion, nikto, I tried several exploit I found with searchsploit by terminal, nothing, nothing is working… Please someone can help me with suggestions,article,or write up of retired machine that are like this? Thanks.
There should be two but you’ve found the one you need to concentrate on.
Dont focus on trying to attack this with MSF, it only really becomes useful once you’ve got the root creds and by then you’ve pretty much done it.
Thinking about the port you found, running enumeration techniques normally used against web servers (80/443) seems a bit odd so you might want to move away from that.
You might find this link useful: A Little Guide to SMB Enumeration - Hacking Articles
Type your comment> @TazWake said:
@CyberGeek01 said:
(Quote)
There should be two but you’ve found the one you need to concentrate on.Dont focus on trying to attack this with MSF, it only really becomes useful once you’ve got the root creds and by then you’ve pretty much done it.
Thinking about the port you found, running enumeration techniques normally used against web servers (80/443) seems a bit odd so you might want to move away from that.
You might find this link useful: A Little Guide to SMB Enumeration - Hacking Articles
I really thank you! Sorry but I am really noob with Windows hacking, and from this experience I already learn that I need to focus more on Windows!
Thanks! I really apprecied!
@CyberGeek01 said:
I really thank you! Sorry but I am really noob with Windows hacking, and from this experience I already learn that I need to focus more on Windows!
Thanks! I really apprecied!
No worries - this is a common theme. If you use Windows as a host for your Kali VM, the main thing I’d suggest is look into what the host OS is doing a bit more.
Most Windows enumeration is simply understanding what the OS is trying to do behind the scenes and you can see it on your own PC an awful lot of the time.
can you help me with root? I am stuck. able to run vb scripts with windows.