Official Omni Discussion

Rooted. Much thanks to @jkana101 for hint.

@GodPwned said:
Any hints for initial foothold ?
I’m kinda stuck :neutral:

search for the famous exploit on windows IoT.

Rooted!! By the way, how did everyone came to the conclusion to use the S******T script here? Someone gave me a hint to use that script.

I found the foothold tough as I was unaware about the script and was not able to get much info from the box initially. After that, it is easy.

who the hell is resetting the box?

Found the script but getting error ‘no module names hexdump’. i have installed using pip but still errors. anyone seen this before?

Type your comment> @wooly13 said:

Found the script but getting error ‘no module names hexdump’. i have installed using pip but still errors. anyone seen this before?

Same happened with me but after installing hexdump the script worked without any errors.

Script not working on Kali 2020.3 python 2.7.18

AttributeError: ‘int’ object has no attribute ‘value’

solved:
e…m34

Rooted the Box. Just PM me if any hints needed.

Type your comment> @gs4l said:

Rooted!! By the way, how did everyone came to the conclusion to use the S******T script here? Someone gave me a hint to use that script.

I found the foothold tough as I was unaware about the script and was not able to get much info from the box initially. After that, it is easy.

Yes bud. The foothold is tough. Especially finding that script that everyone was talking about it a hell ride. The rest is just easy with Google.

Finally rooted with the help of several kind souls :slight_smile:

PM me if you need help, I’ll help as much as possible.

Type your comment> @jkana101 said:

Rooted it. Totally not an easy machine. I think it should be a medium machine :slight_smile:

I agree.
I rooted it, but i think is more a medium box.
The choice of the OS is very original.
If anyone need a nudge, PM

finally rooted . more of a medium box . dm if anyone needs a nudge

@rholas said:
Script not working on Kali 2020.3 python 2.7.18

AttributeError: ‘int’ object has no attribute ‘value’

There is another option?

had the same problem… try updating your repo’s

i have command execution but cant get a rev shell… can anyone help plzz

Tip: if you get the message “The system cannot execute the specified program.” each time you try to get a rev shell… you have to take the right version of nc64.exe (and think to try all the options of the script found). I lost a lot of time because of this…

PM me if you need a link.

@agpriyansh I’m in the same spot rn.
@choupit0 I guess I need a version of nc that is built for that specific OS and architecture?

Hmm, could use a nudge… have hashes of the system… unblocked all ports to my ip. have access into the system from smb as whoever I want.

Not sure how or what to do with the decryption part. EFS?
A little help would be welcomed :slight_smile:

Type your comment> @PrivacyMonk3y said:

Not sure how or what to do with the decryption part. EFS?
A little help would be welcomed :slight_smile:

Just view the encrypted Flag. There is a mention about something. Google that thing and you will land on docs.microsoft article. It will help you :smile:

A weird box… I tried using an exploit which requires an open port 135(failed), bruteforcing the authorization(failed) and connecting to the SMB anonymously(failed). I read about the R****e20 vulnerability, but as far as I look, there’s no code for it. Any nudges would be welcome.

Am i right in thinking the script is used to upload a shell? The documentation is limited and the command doesn’t seem to work when uploading.