Official Mailing Discussion

Bit confused. I telnet into the server. But the Admin password I decrypted from the h**********.ini is not working. Am I using the correct password? Appreciate the pointers here.

I’m confused, I’ve already established myself as an admin :face_with_monocle:

FOR ROOT: The tool was created by python CVE script, uploaded to the machine. Executed the uploaded file. Nothing happens. Any nudges or hints on this? Thanks

FOR ROOT: The tool was created by python CVE script, uploaded to the machine. Executed the uploaded file. Nothing happens. Any nudges or hints on this? Thanks
If you need help with user I can help. Feel free to DM me.

I found the Admin password, but IMAP and SMTP are not accepting my login with any of the email-addresses I tried. I know the password, but am still stuck.

Hey All, I’m a little lost on how to navigate continuing this box.

I’ve discovered the L** but can’t seem to find where I need to go next. I’ve been reading the docs and tried a decent amount of stuff, but can’t seem to find h********** within the places I have searched. I’d appreciate some guidance on where I’m missing the hint here.

Hi am I on the right path with \\ IP/Share. Just I can’t trigger a response. Thanks

1 Like

going absolutely nuts on this one. I know for absolutely certain im using the correct CVE to capture the N*** but i get nothing on the magical kali N*** capturer tool

im having the same issue, did you figure out what was happening with the no response of a ntlm?

1 Like

wanted to reply to myself incase anyone finds themselves in the same boat -
the key is, be patient.

need help, found ***.ini file with hash and ***.vbs file but cant seem to decrypt it with the ***.vbs file, one hash can decrypt, but the other can’t.

I saw the instructions, and check the mail-clients but I can’t find out any CVE or something.

I have a question, do we need any manipulations with the email client, phishing, reading emails and so on. Or is the attack vector different?

I’ve got the CVE and valid SMTP credentials, but I’m not getting any NTLM hashes.

I’ve tried four different PoCs, and they all say the email was sent, but I can’t see it in Thunderbird. Any chance someone can help me troubleshoot this via DM?

Update: got the user.txt

any hint on which cve to use?

DMd

Any hints to exploit root ? which binary would be the way to go about ?

First of all, watch for scheduled jobs.
And then do some research.

1 Like