I also am looking for a hint from L******9 to root if anyone can offer a hint
Still the same.
âOperation did not complete successfully because the file contains a virus or potentially unwanted software.â
Hi Everyone,
I would sincerely appreciate any piece of hint on how to upload/download using
Summary
xp_cmdshell
. Trying to get a reverse shell or at least dump the
Summary
ME****.7z
but it seems the security policy is blocking every single approach I can think of.
Merci beaucoup!
Hi all,
I found the cred with mimikatz, but dont know how to use it. Anyhint?
Thanks <3
Can someone give me a hint on how to get Ru***Cs on the box? Every type of upload seems to get blocked. They have a size of 0 and cant be deleted or executed because they are used by another process.
Make sure youâre in the current user directory and then download it with curl with -o flag . Worked for me
1 Like
It is so weird. It just does not work. Neither with the xp**ell, nor with the shell i got on sqc 
Did you manage to find it in the memproc mount?
Im stuck in this one too :3
for me mimikatz throwing error âerror kuhl_m_sekurlsa_acquireLSA; memory openingâ in mimikatz. How to resolve it. Memprocfs is working but any hints where to find something juicy
Is anyone else getting a 500 server error on this disgusting machine or is it just me?
2 Likes
Which part are you on? The initial foothold with svc_acc? or A user?
I had issues with RevShell on my first attempt, I had to reset the box a couple of times for it to actually work.
There is a part where you need to evade windows defender but im not sure its this part or not @SkilledLeaf mentioned powercat should help you could give that a try.
1 Like
Is csrfmiddlewaretoken what I should be looking for ?
Yea same
For the IDOR youll want to look at the URL link itself. Click between different users that posted the jobs. Youll notice a distinct difference. Then you just need to manually enermurate to find the âadminâ account.
you could script it but its not worth the time you can get it quickly with manual enumeration.
Do it with the SQL command template.
Curl and wget run locally will get blocked.
Upload it the same way with xp_cmdshell.
I used Impacketâs smbserver to transfer a file.
The shell might be blocked by Win Defender when trying to copy into the server, but getting a dump file out of it doesnât seem to be nothing that would be blocked.
If it isnât big enough try to read it into b64 and converting back in your machine, that would also be an alternative.
1 Like
any hints from m************n to this one?
If anyone unable to upload nc on the machine, try to upload it on the c:\windows\temp directory
When i use Windbg x64 + mimidum.dll (in x64 folder) => Everything is OK but the password from this canât login or do something