How did you mount it bro? I am not able to do it.
Can you help me?
Check the first article (from medium[dot]com) linked in the OP, or look for āmounting bitlocker vhd vhdx in linux mediumā
I use linux on a VM, so I copied .vhd file to my windows host andā¦
why did you crack the Admin password? You just just need to log in what you have with
it should work if you did that with mutated password list. the problem could be the file was modified in some way during transit i.e incomplete file transfer (a big problem you might find with this lab). make sure you got the same file by comparing the hashes on the target machine and in your box.
I get the password after cracking the Logins.kdbx file, but when I try to use this password with user david on smbclient, it doesnāt work
any help please ?
use runas command
Iām running into some issues with the lab getting disconnected. I start up CME to start getting the first user password and after about 10-15 tries it starts to timeout. Resetting the machine give me another 10-15 attempts but still yields same results. I changed my VPN connection but still no luck. Anyone else run into this?
I had this same issue. When transferring the kdbx file over the cli ftp client, apparently the file is treated as ASCII and it alters the hash. Evil-WINRM treats it as binary as it should so the hash is correct. It cracked in less than a minute after re-transferring the kdbx file over WinRM. Thank you for your insight into that. I was pulling my hair out.
see this , it helps me to download success
windows - smbclient alternative for large files - Unix & Linux Stack Exchange
åļ¼č°¢č°¢ bro ļ¼thanks a lot , love from China
I had the same problem and I used crowbar.
With the next command I could find the valid credentials to log in on RDP (Johanna)
./crowbar.py -b rdp -s 10.129.1.32 -u Johanna -C mut_password.list
I hope it is helpful to more people
I had the same problem, only you should add flag -t (time to time out in seconds) In my case Iāve putted 1500. With this time the file will be download with out problems!
I got it!
advice: use a virtual machine with windows to open VHD file is the best and easy way
is it done?
honestly, you need to uninstall default hydra.
Install and build hydra from github with smb2, then use smb2 itās lightning fast
hydra -l johanna -P mutated-passwords xxxxxxxxxxx smb2 -t50
It seems youāve got an extra 3 there.
Thank you for this! I got the flag!
Thank you all for the hints!
For those who are struggling
Read the module again and again.
Donāt miss the topics, all of them are important to understand.
The only thing that is not in this module is mounting v** file, this forum helps me get flag on the last step in mounting v**.
These are my steps:
bruteforce johanna password by using hydra and the wordlist using custom rule
bruteforce k33p4$$
get v** file from $**
bruteforce v** file
then search how to mount v** from linux (the tips are here on this forum)
you will get the flag on this process.
dm me if you are stuck!
Spent like 2 hours trying to get the .v** file passwordā¦
Restarted my pwnbox and finally got the full file
Then I proceeded to do a triple file transfer from pwnbox > target > kali VM > windows VM with bitlocker