Remote

@ShiRake said:

Hey I need a little nudge with root. I’ve gotten the passwords but I can’t seem to use it. Can anyone guide me? Thank you

Sent you a message

@VbScrub said:

@sunshinesec said:
https://www.amazon.com/Windows-Internals-Part-architecture-management-ebook/dp/B0711FDMRR/ref=sr_1_1?crid=XQT77A8GHKHP&dchild=1&keywords=windows+internals&qid=1588406434&s=books&sprefix=windows+%2Cstripbooks-intl-ship%2C337&sr=1-1

Did they ever release part 2 of that? I got part 1 back in 2017 but just had a look on amazon and it says part 2 was released in April this year but it also says it hasn’t been released yet :s

Also I will say that these books are very in depth and not really for beginners. I also don’t know if they’d be that much use for general pentesting stuff really. They’re mostly all about how the OS works at the kernel level, so if you’re going to be specialising in discovering exploits in that area then definitely grab a copy, but let’s face it most of us are not doing that.

@VbScrub I have a slightly old paperback version. I agree that it’s a very detailed book and may be a little too deep just for pentesting, but if someone wants to invest time in understanding the Windows internals/fundamentals then it’s really good and will be helpful in pentesting and even forensics as well.

How to get root?
Can someone give me tips?

@JKLOVE said:

How to get root?
Can someone give me tips?

Don’t ask so generally; you won’t (and should not) get an answer.

Instead, ask something concrete and prove that you have been working on the box.

We spend many hours and effort on each box so please be respectful.

@JKLOVE said:

How to get root?
Can someone give me tips?

Exploit something vulnerable that is on the box.

Finally rooted :smile:
Root shell kept dropping out, seemed like I was having to race to get what I needed.
Guess this is down to others running the same exploit on the box?

Took longer than expected as tried to go down the telly-box route.
In the end a bigger boat helped me out…

@TazWake said:

@JKLOVE said:

How to get root?
Can someone give me tips?

Exploit something vulnerable that is on the box.

I like your style.

Stuck on root using the U****c method, changed what I need to but not getting any output from it. Anyone who could DM me to check I’m on the right track? Cheers

Hi everyone, I got root with the U***c method but I am wondering about the TV method. I used some meterpreter functions but I couldn’t succeed. Could anyone DM me about this method? Regards

Hi all, got a bit stuck on the user part… I’ve found a lot of things and now I try to get the POC 46***.*y working. I changed the basic information to the target and I tried to run it.

After running it, I get the next error:

VIEWSTATE = soup.find(id="_VIEWSTATE")['value'];
TypeError: 'NoneType' object is not subscriptable

(and yeah, 8 coffees won’t help anymore after working a few hours on this part…)

not sure what the error means if I did not change other parts… Something wrong with the POC?

Finally did Remote the u****c way.
Want to know about the TV way.

ROOT! Although this machine is very simple, I would give it medium because the shell I got is very limited: there is NO error message… I wasted so much time on some detail issues :frowning:

rooted

got my way to the root using the U****c method

Could anyone PM me about the TV method?

Pleaseeeee someone ping me!!! I am stuck with the root, I cannot create a new user and I cannot execute the reverse shell from PowerShell!! I already reset the machine a couple of times but nothing, it’s incredible… everyone says “it’s working” but it is not working for me, and we are running the same command for sure because it is not a difficult command. As I said, please send me a message!!

Got user. If you’re struggling with the exploit - it didn’t always work for me. I ran a payload, it worked and literally 3 minutes later it didn’t so don’t give up if it happens to you as well. Also the box hasn’t been too stable recently (on EU1 at least). Some douchebag would change the password every now and then but just reset the box if it happens again.

Guys, I’m not able to get an initial foothold for the user. I went through all the links on the webpage. Not able to get any username or password. Any hints?

@X3522A said:

Guys, I’m not able to get an initial foothold for the user. I went through all the links on the webpage. Not able to get any username or password. Any hints?

As you already should know, there is no plain text password inside the files, but inside one of the most important files (you can read just partial information from this file) you will find a user followed by the hash.

For getting User, enumerate well…after that…check the portal…it’s a product…it can have known flaws.
For Root…I see there are two ways to get it…the remote one worked but the other one didn’t work for me. Overall a good box…PM me for nudges if you are stuck.

Hey guys - literally stuck on root… can someone give me a nudge?
I have a PS reverse shell, based on MSF, with user, but all outputs/errors whatever are suppressed in that reverse shell… would be great to have a nudge for root.

Amazing machine.

Hints,
User: Follow the leads and google a particular type of file. Don’t overthink it, a single command like strings can help.

Root: Even easier, try many things after the initial foothold holds your hand and tells you where you have to go.


Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : fe80::250:56ff:feb9:bfff%13

c:\Users\Administrator>whoami
whoami
nt authority\system