Sounds like your VPN is not connected or possibly the machine is not up, there’s nothing stopping you from scanning.
found 7 accounts but no valid password 
Hello. Can someone please direct me on the wordlist used for fuzzing the hostmaster ?
Somehow when you are in that box it is possible to do a quick-step and even get root before user not really straight forward this box. But it was fun to check out all the possibilities, feel free to pm me for hints.
Got a little sidetracked, but had some time this evening. 
Edit: Thinking some more about it, I don’t think snort is the intended way, the intended way I think is via bctextencoder and wsmith.
Edit2: The path I described definitely works. I tried it by logging in as wsmith using a domain dump I made earlier, then ran through the intended privesc. That part is really easy actually. The hard part about root is all about getting access to BCTextEncoder.
Edit3: Did root the intended way. Cool technique, a great learning experience for me!
1 Like
Woo!
Sorry but is it me or the web page doesn’t work 'cause it always returns error 404
Edit: its ok
I have user, but completely stuck trying to privesc to root.
Somes issue with BC** good pass** but error message then deco** 
The road to retrive BCTextEncoder password is tough but interesting.
Advice from chillywilly on another forum is helpful.
Hello, same problem here
Hi, I am stuck with the initial access. I think there is the possibility to retrieve a password by fuzzing me in, but after some characters that seem to be right it does not work anymore.
Has someone a hint how to get into that machine?
Regarding BCTextEncoder, I found what seems to be a valid password, but it’s causing “Error in decoding text” error. Is this a problem that needs to be fixed, or…?
you are decrypting the wrong one…