Official discussion thread for Analysis. Please do not post any spoilers or big hints.
Anyone got started yet?
Yeah but still looking around to find a foothold.
Same, same.
You shouldn’t post spoilers like this publicly, please delete it.
that’s a little bit to much of a spoil buddy , not the time for it should be deleted
still no clue
same here too. All enumerations come blunt.
Hey guys,
I have a reverse shell on the box, anyone can tell if the file in “…” is a rabbit hole? I’m stuck. Tried to use the tool they used, but it asks for a password…
Found the password but have an error now: malformed text or I don’t know what. I’m going crazy!
After spending most of the day from about 11am to 9pm I have FINALLY managed to get some working credentials. This has been an absolute slog. Enumerate, enumerate, enumerate. You need at least 4 different enumeration and bruteforcing techniques to get this far. Don’t give up!
am i loosing my time with mysqlx ?
I would say so, yes
1 Like
Well, that’s user done. Took me way too long in hindsigh, especially the foothold. Missed a few key clues, skipped a few key steps, but got there in the end. TIme for bed. SYSTEM can wait for tomorrow. 
2 Likes
French makes this one hard for me.
I cannot even scan the box with nmap. Some kind of firewall is dropping ping requests. I tried different techniques to evade it but to no avail. Anyone got any hint on what nmap flags to use?
Did you try -Pn ? Normally you should have no issue with the scan, except your VPN is having issues. Download new one.
1 Like
i got shell and i need a hint for user flag