Official Escape Discussion

lim8en1 · February 28, 2023, 1:10am

Sure, pm me

whysohard · February 28, 2023, 11:59am

Any PE Scripts/tools can recommend?

Upgradetp · March 1, 2023, 6:23pm

Can anybody give me a hint?

lim8en1 · March 1, 2023, 7:58pm

Sure, PM me

illuminatum · March 1, 2023, 8:14pm

Can someone give some hints to how get PE to admin?

cjvert · March 2, 2023, 4:16am

Only hint you need it to investigate the machine

ankitosh · March 2, 2023, 7:12am

Got user flag: any hint for PE please.

Paradise_R · March 2, 2023, 10:23pm

If you needed to pass though a door that leads to the VIP room, but there was a three headed dog in front of you that asks for a ticket, how would you forge your own?

I sent you a message related to this topic, I hope this riddle is useful for anyone coming

byf1sh · March 5, 2023, 8:55am

can u give me some hint

lim8en1 · March 5, 2023, 3:39pm

Sure, pm me

DedHorse · March 5, 2023, 7:15pm

Hey, I’m having a technical issue. Every time I try auth I get back KRB_AP_ERR_SKEW(Clock skew too great). I tried everything I could find on google but nothing seems to be of help. I checked multiple times and my time is the exact same as the box. If anybody had the same issue and managed to fix it please let me know how. Cheers.

breachr · March 5, 2023, 11:04pm

I found some creds for a sql server. However the typical port for this type of SQL Database is filtered (ran nmap 3 times and cant communicate with that port). All the other ports are not showing signs of SQL either. Is this box broken maybe?

lim8en1 · March 6, 2023, 1:48am

Try changing your OS system clock. You can get the time difference from nmap scan I think

vampire126 · March 6, 2023, 1:14pm

I currently have the credentials for the sql account
There is SeImpersonatePrivilege, but I cannot elevate privileges
I don’t know what to do next

Wr0ngDrunk · March 6, 2023, 11:07pm

If there is no access restriction, the privilege escalation to admin will be much easier…

breachr · March 7, 2023, 6:24pm

Reseting the box fixed the problem. A friend of mine had the same problem. So if you dont see a port which should be open, reset the box!

samuelh · March 7, 2023, 8:09pm

can someone give me a hint, i got a pdf use smbclient. Dont know if thats something valuable. Anyway im stuck please help!

shoebill · March 8, 2023, 8:46am

how confusing!
it says " Logon failed for user …"
cuz of this it took me time to get the user flag

shoebill · March 9, 2023, 11:37am

i rooted btw, escape from what?
though the name of box is related to its contents, im not sure this time

Javascripter1 · March 10, 2023, 5:54am

I’m pretty stuck at gaining admin on this machine. I’ve managed to gain access to Ryan from sql_svc, and I’ve found the PFX file, but I can’t seem to sign anything with it using SignTool. Any nudges?