Just got the user… it is not hard… but it is tedious… until I am force to learn more about smbclient’s function… which made my life easier… and I know why it is known as nested…
EDIT:
Just got root.
Hint:
Very important to keep notes, else you will turn out to repeat things you have done and forgot things you have not done.
User: Dun bother anything else just enumerate the shares.
Require you to stitch up codes, do not remove the stitched codes you need for root
Root: Read about NTFS alternate stream, this is the hardest, if you can get pass this getting root is easier than you think. Also I use ILSpy or dnspy you need this tool to hunt for item
This machine has a lot of twists, you got the item from a clue, but this item requires more processing until you get the actual product.
It is like RPG game when you need to find several ingredients to forge an ultimate weapon for the final boss.
for people using trashy online compilers for linux: Note the .NET core CLI is open sourced and installable on Linux. I didn’t know at first and really struggled to get that working (didn’t want to wait all day to install Visual Studio), but now I learned I can just build .NET projects on Linux. Neat!
for people using trashy online compilers for linux: Note the .NET core CLI is open sourced and installable on Linux. I didn’t know at first and really struggled to get that working (didn’t want to wait all day to install Visual Studio), but now I learned I can just build .NET projects on Linux. Neat!
@emjay12 said:
Just got user. Every step was easily doable, but that thing with the directory permissions really threw me off. But now I know better for next time.
Yeah I figured that might trip a few people up, but its default behaviour in Windows for it to not check permissions on every part of the path so thought I’d try make people aware of it if they weren’t already
Finally got root. Thanks @VbScrub for the excellent box, it made me learn a lot of new things especially on reversing and enumeration on a windows box.
Is the file D**** M*** P******d.txt is suppose to be blank?
Yeah I am in the same boat… I think it shouldn’t be empty… I have the 2nd user, got the HL*.exe, disassembled it and I think I would know how to move forward if I have the D***G password. I know where to use it and what advantages could it give me.
Yeah I am in the same boat… I think it shouldn’t be empty…
Are you sure it is empty?
No, I’ve just found the way in. I have never heard of this method and never used those commands in s*******t. Luckily after some research I found what I need.
No, I’ve just found the way in. I have never heard of this method and never used those cmmands in s*******t. Luckily after some research I found what I need.
No, I’ve just found the way in. I have never heard of this method and never used those cmmands in s*******t. Luckily after some research I found what I need.
Cool - good work.
Yeah finally, after some struggling I have finished this machine. I’ve started to complete easy machines as I haven’t done any machines for a while. And now I could cry because after I have done OSCP I tought it would be ezpz. But to get this machine you need some basic understanding in that specific language; which I don’t have yet and also good enumeration skills. This machine tought a lot of things especially how to handle the “empty file” misery.
So at the end I am feeling very honored that the author has released this machine and we can learn such a lot of good things from it. BTW I would rate this machine a medium one.
