Official Mailing Discussion

atutko · May 24, 2024, 4:57pm

Bit confused. I telnet into the server. But the Admin password I decrypted from the h**********.ini is not working. Am I using the correct password? Appreciate the pointers here.

adonaih01 · May 24, 2024, 8:44pm

I’m confused, I’ve already established myself as an admin

m4chx · May 25, 2024, 10:14am

FOR ROOT: The tool was created by python CVE script, uploaded to the machine. Executed the uploaded file. Nothing happens. Any nudges or hints on this? Thanks

m4chx · May 25, 2024, 11:57am

FOR ROOT: The tool was created by python CVE script, uploaded to the machine. Executed the uploaded file. Nothing happens. Any nudges or hints on this? Thanks
If you need help with user I can help. Feel free to DM me.

m4chx · May 25, 2024, 12:12pm

justlucky1gu3ss · May 25, 2024, 12:43pm

I found the Admin password, but IMAP and SMTP are not accepting my login with any of the email-addresses I tried. I know the password, but am still stuck.

Venison · May 25, 2024, 7:26pm

Hey All, I’m a little lost on how to navigate continuing this box.

I’ve discovered the L** but can’t seem to find where I need to go next. I’ve been reading the docs and tried a decent amount of stuff, but can’t seem to find h********** within the places I have searched. I’d appreciate some guidance on where I’m missing the hint here.

7Tenths · May 26, 2024, 5:29pm

Hi am I on the right path with \\ IP/Share. Just I can’t trigger a response. Thanks

stejwes · May 26, 2024, 8:35pm

going absolutely nuts on this one. I know for absolutely certain im using the correct CVE to capture the N*** but i get nothing on the magical kali N*** capturer tool

projectnimbus · May 26, 2024, 9:23pm

im having the same issue, did you figure out what was happening with the no response of a ntlm?

stejwes · May 26, 2024, 11:07pm

wanted to reply to myself incase anyone finds themselves in the same boat -
the key is, be patient.

vutan · May 28, 2024, 9:42am

need help, found ***.ini file with hash and ***.vbs file but cant seem to decrypt it with the ***.vbs file, one hash can decrypt, but the other can’t.

Cyb3rb0b · May 29, 2024, 1:05am

I saw the instructions, and check the mail-clients but I can’t find out any CVE or something.

Darcia · May 29, 2024, 1:16pm

I have a question, do we need any manipulations with the email client, phishing, reading emails and so on. Or is the attack vector different?

BrunoRM · May 29, 2024, 5:41pm

I’ve got the CVE and valid SMTP credentials, but I’m not getting any NTLM hashes.

I’ve tried four different PoCs, and they all say the email was sent, but I can’t see it in Thunderbird. Any chance someone can help me troubleshoot this via DM?

nikko23 · May 29, 2024, 10:00pm

Update: got the user.txt

danipass · May 29, 2024, 10:15pm

any hint on which cve to use?

nikko23 · May 29, 2024, 10:15pm

DMd

nikko23 · May 29, 2024, 10:29pm

Any hints to exploit root ? which binary would be the way to go about ?

FoxFromTheBox · May 30, 2024, 7:28am

First of all, watch for scheduled jobs.
And then do some research.

Topic		Replies	Views
Root Jeeves Machines	6	1788	December 29, 2017
Official Response Discussion Machines	13	1709	January 1, 2023
Official Attended Discussion Machines	68	6164	May 3, 2021
Official Undetected Discussion Machines	62	5611	June 27, 2022
Official Outdated Discussion Machines	70	7950	December 14, 2023

Official Mailing Discussion

Related topics