I am stuck on root, can someone PM me a nudge? Thank you
Hello - I’m also stuck on root.
Hopefully someone can give me a push or discuss some things to move forward.
Please PM me… I like this box!
…nvm - got root
Nvm, got user. No clue for root
Stuck on initial foothold, would really appreciate a PM, thank you so much in advance.
Hello everyone!
Finally I managed to obtain User & Administrator privileges on this machine.
Thanks to @ElVi7MaJoR and @ox4lis for their help! 
I’m not sure what I did it in the intended way, but I still learned a lot.
Thanks to author @cube0x0 for this awesome machine!
I think this is one of the best Windows machines with Active Directory at the moment.
If you get stuck somewhere, PM me 
I finally had some spare time and I thought I’d look at this box. At the moment I feel I am in a rabbit hole as the only content I can find seems useless (and scraped as others have mentioned).
Now I am basically going into a hail mary enumeration approach and some scans which are likely to take hours to complete. Fingers crossed.
— edited to add —
It does take hours. The process is fairly straightforward and based on standard Windows enumeration. It is just really slow and often needed resets.
This would be much harder on a free VPN.
Just feel the need to update because progress is slow.
The approach seems reasonably simple, but the execution is hard. Cracking passwords which aren’t in RockYou seems… unfair… and normally I’d assume this meant it was the wrong direction. On this box, I cant think of any alternatives though.
— edited to add —
Did anyone root this box without a paid-for service? If so, can you please drop me a line and let me know what I missed.
— edited to add —
I have since learned it was free. I was just too dumb to fully read the service and jumped to assumptions.
Finally got User and Administrator and what a ride. Thanks to @TazWake and @Ox7A59 for the nudges along the way and well done to @cube0x0 for such a challenging machine.
If anyone gets stuck and needs a nudge feel free to PM me.
On the last stages before being able to acquire user (the one before the actual command that will give you user, as far as I can foresee), I get the following error:
[-] SMB SessionError: STATUS_MORE_PROCESSING_REQUIRED({Still Busy} The specified I/O request packet (IRP) cannot be disposed of because the I/O operation is not complete.)
I know that what I am doing is correct, as I had it sanity checked by someone that achieved User in this box.
Looking up the error, I get endless possibilities. I know what is happening at network level, but not why.
Has anyone encountered this error and managed to solve it?
TIA
Type your comment> @fromdual said:
On the last stages before being able to acquire user (the one before the actual command that will give you user, as far as I can foresee), I get the following error:
[-] SMB SessionError: STATUS_MORE_PROCESSING_REQUIRED({Still Busy} The specified I/O request packet (IRP) cannot be disposed of because the I/O operation is not complete.)
I know that what I am doing is correct, as I had it sanity checked by someone that achieved User in this box.
Looking up the error, I get endless possibilities. I know what is happening at network level, but not why.
Has anyone encountered this error and managed to solve it?
TIA
We discussed it together and I have the exact same problem…
I’ve been playing around with ntp but that’s not that… Please someone help us ; I’ve been passing dozens of unsuccessfull commands trying to solve that issue 
@fromdual said:
Has anyone encountered this error and managed to solve it?
TIA
@clure said:
We discussed it together and I have the exact same problem…
I’ve been playing around with ntp but that’s not that… Please someone help us ; I’ve been passing dozens of unsuccessfull commands trying to solve that issue
So, I never encountered this error.
You might want to rethink the tools you are using and how they connect. If you are using an evil tool, you probably need three bits of information.
If you arent using it, or dont have the three bits of information, you might want to try a different approach.
Could do with a nudge on root, I’ve got a very juicy nut, I just can’t figure out how to crack it
Has anyone had any success with service @TazWake mentioned? I submitted token created by interesting script, but it wasn’t cracked - apparently it did not fall into area covered by rainbow tables. I wonder if the hash I’ve got was wrong? I used two different tools (Re*****r and MF) and got same hash.
@sparrow1 said:
Has anyone had any success with service @TazWake mentioned? I submitted token created by interesting script, but it wasn’t cracked - apparently it did not fall into area covered by rainbow tables. I wonder if the hash I’ve got was wrong? I used two different tools (Re*****r and MF) and got same hash.
A couple of people have mentioned this.
When I did the box, it returned an answer via email in about 1 minute with the cracking taking about 30 seconds.
I dont know if they’ve got fed up with people requesting this hash or something else, but I am not sure it is working right now. Unfortunately, without this service, I dont know a realistic way to crack this hash.
I am big struggling to get an initial foothold. The minute that I think I have an idea, I end up getting burned and find out that I got hopeful for no reason. A PM to get initial foothold would be awesome!