Netmon

Chung · April 16, 2019, 8:21am

I’ m stuck at credentials part could someone pm me a hint?

j0nny5 · April 16, 2019, 8:32am

Some assistance - i have access to the app, i have an exploit that is supposed to be creating a .txt file in some public directory - but the file is not being created… is this permissioning in the directory or is the exploit not running right - it appears to contain minimum error checking - can anyone offer a pointer?

Manb4t · April 16, 2019, 4:55pm

Nudge please via PM. I have executed the exploit script and the user has been added but struggling to get access via the service s**. Gentle nudge if possible. THanks

lampmanjosh · April 16, 2019, 5:36pm

Type your comment> @Manb4t said:

Nudge please via PM. I have executed the exploit script and the user has been added but struggling to get access via the service s**. Gentle nudge if possible. THanks

Same here. I exploited, but not able to login to service.

PavelKCZ · April 16, 2019, 6:00pm

There can be problems with server reset between exploit script execution and subsequent work under the newly added user.

But you can put both things in one shell script and execute this form of attack. In such case, the new user is created and just after that, the second part of attack is executed as soon as possible.

j0nny5 · April 16, 2019, 6:55pm

Type your comment> @PavelKCZ said:

There can be problems with server reset between exploit script execution and subsequent work under the newly added user.

But you can put both things in one shell script and execute this form of attack. In such case, the new user is created and just after that, the second part of attack is executed as soon as possible.

but if the file is not getting created tehn the exploit didn’t work - correct?

PavelKCZ · April 16, 2019, 7:02pm

I don’t know. I never used any “file creation” exploit and I definitely did not used any artificially created *.txt file anywhere.

mrZapp · April 16, 2019, 7:11pm

hi guys

this box is the first one I do here on this site, so I can still learn a lot, and so I enjoy the learning process immensely.

I have searched and found a lot to get root. user was not a problem at all, but now I’m really stuck.

found an exploit via google but, I get stuck here must take a step and have to verify it before I can continue. someone a hint or tip.

you would help me a lot with it

s0kIt · April 18, 2019, 12:38am

Type your comment> @PurePi said:

Type your comment> @blackbestbb said:

Type your comment> @PurePi said:

Woohoo! Got root and user.
Good starter box.

PM me if anyone need hints

bro in netmon active mission.i cant find there root.txt in this mision please give me a hint.please

@blackbestbb root.txt can be found in C:\Users\Administrator\Desktop directory on all Windows boxes.

Thanks PurePi, was my first Windows box and only thing left I needed to know is where to find root.txt

Shoutout to Farbs for all the nudges

PapaShango · April 18, 2019, 4:06pm

what year is it! thank you!

H0nestAbe · April 18, 2019, 9:03pm

I am having two problems

A.) consistently triggering my script to run on the application.
B.) I’m unsure if my command is running correctly, or how to confirm that it is.

Am I on the right track? Any hints

Creegz · April 19, 2019, 1:57am

Did somebody reset the password again?

arkountos · April 19, 2019, 12:51pm

This is a great challenge for any noobs here, as it can be solved following the hints in this thread while learning about a lot of different services and programs affiliated with Windows machines

dragonitesec · April 19, 2019, 2:56pm

guys, I got everything but my reverse shell keeps dying. I just got to root.txt but it died a millisecond before i could read it.
tried other payloads, other shells, but i’m really at the last step. what am I missing?

Creegz · April 19, 2019, 4:36pm

Finally got it. However people, please stop brute forcing it and rebooting it. That took me the most time. Also I did stare at something and not realize that was what I needed to own user. So don’t blast ahead, take your time.

kwong240 · April 19, 2019, 4:41pm

i m trying to find cred with f** and use an rc* exploit with the cred, just wonder am i on the right track? i cannot find anything after searching for a few hours with f**. Is there anything to do with the d** file?

Creegz · April 19, 2019, 4:51pm

Historically the credentials were saved somewhere in plain text, you just have to find where that is.

EzyPzzy · April 19, 2019, 5:15pm

fun box

hints for those stuck on the credentials, you will run into lots of files that look similar but one holds the password in plain text.

rippenkill · April 20, 2019, 5:26pm

This was my first box and I had a great time! Root was not as bad as I thought, it’s really all the resetting being done that’s making life tough.

My piece of advice would be: Once you get the P*** creds and successfully log in, YOU DO NOT NEED TO CHANGE THE PA******! That just causes more resets and slows things down.

Do your research on the app, you will find what you need!

wingsofwax · April 20, 2019, 7:07pm

Hey there! Thanks for all the tips especially @PavelKCZ ! Newbie here. Netmon would hopefully be my first Active box (did 3 retired via walkthroughs). I’m close to the finish. Already found the user days ago but I got stuck with digging for root for days. Now, got the correct credentials and successfully ran/found the app’s exploit. But got stuck again; can’t seem to enumerate for the correct a vuln for the service(s) hinted. Would appreciate more hint on this, thanks!

edit: FINALLY! I’ve got into root! Netmon, my first active box!