Resolute

boris154 · December 17, 2019, 3:19pm

Nice box. Although the user part took me too long, but I’ve learned to read more carefully everything I enumerate.

Now some hints, hope it’s not a spoiler.

User:

Enumerate the box like you would any other windows box. There are few tools to get user list.
Read all what you get.
What you found might be valid for someone else…
Did you get everything from nmap?

Root:
step 1: Enumerate more You don’t need any enumeration tools here. poke at every folder that you find. There are hidden secrets!
step 2: See who you are, google it, don’t overthink - the most simples exploit will work.

demesm · December 17, 2019, 4:34pm

Took me a bit since I haven’t been into this stuff for a while, first box ever attempted on HTB!

Got root after some messing around

up2nogood · December 17, 2019, 8:19pm

I’m at a loss as to why this box showed up when I only had easy boxes checked. It is far from it.

secucyber · December 17, 2019, 9:43pm

Got root. Nice box with a new tip i didn’t know, thanks ! As usual, enumeration was the key…DM me if needed !

up2nogood · December 18, 2019, 1:55am

I can’t seem to find a dnsadmin group. Any nudges would be appreciated

Uglymike · December 18, 2019, 2:21am

Banging my head against the wall on this one. This is my first attempt at any box and am stuck on the gaining root part. I have user 2, I know the AD group the user is in, I know there is an exploit for it but I’m unsure about the next step. Confused as to which tool to use next, there just seems like so many options! Can anyone provide any tips? Thanks in advance.

AlexLTN · December 18, 2019, 5:49am

Thx @egre55 , nice box.
PM if you need, just describe in detail where you are stuck

boris154 · December 18, 2019, 8:05am

Type your comment> @Uglymike said:

Banging my head against the wall on this one. This is my first attempt at any box and am stuck on the gaining root part. I have user 2, I know the AD group the user is in, I know there is an exploit for it but I’m unsure about the next step. Confused as to which tool to use next, there just seems like so many options! Can anyone provide any tips? Thanks in advance.

Google it. There is great article about it.

Meise · December 18, 2019, 1:24pm

hey, i really need an hint to m**** to r**** … can someone PM me?

H3L1OS · December 18, 2019, 1:55pm

Type your comment> @HuskyHacks said:

I get an error on my **B ****er:

TreeConnectAndX not found ***.*ll

when trying to pull the *ll to the target.

Google has failed me. Any ideas?

I’m getting the same error can someone give me a nudge on this.

0xalivecow · December 18, 2019, 3:45pm

Can I please get a hint for very erly foothold? All I have is one user.

Edit: I do now have many users.

n3ts3c · December 18, 2019, 4:15pm

Type your comment> @Meise said:

hey, i really need an hint to m**** to r**** … can someone PM me?

try harder, keep your eyes open and you’ll find what you are looking for. Sometimes you have to pick up rocks to see what’s underneath…

Meise · December 18, 2019, 4:21pm

Type your comment> @n3ts3c said:

Type your comment> @Meise said:

hey, i really need an hint to m**** to r**** … can someone PM me?

try harder, keep your eyes open and you’ll find what you are looking for. Sometimes you have to pick up rocks to see what’s underneath…

Thanks,
i am r*** now thx to @Z1LV3R hints c: , now i only have to find this ■■■■ user flag… fking windows

doublep · December 18, 2019, 4:44pm

Got root! Thanks @AlexLTN for the tip!

saulgoodmn · December 18, 2019, 7:58pm

Type your comment> @boris154 said:

Type your comment> @Uglymike said:

Banging my head against the wall on this one. This is my first attempt at any box and am stuck on the gaining root part. I have user 2, I know the AD group the user is in, I know there is an exploit for it but I’m unsure about the next step. Confused as to which tool to use next, there just seems like so many options! Can anyone provide any tips? Thanks in advance.

Google it. There is great article about it.

Do you have the link to that article?

DevilHimSelf · December 18, 2019, 8:00pm

Finally rooted. for my first machine on HTB( or ever) it was so fun for me,
the User flag was piece of cake just enumerate and that’s it.
for root everything was so straight forward for me but that AV. i had to create my own exploit and when that works it really worth the c++ coding

KirkX · December 18, 2019, 8:02pm

Don’t need to get worry about AV if you use S*B to upload the D*L… =]. If you need a hint just PM.

mayanknauni · December 18, 2019, 8:06pm

Type your comment> @kirkx said:

Don’t need to get worry about AV if you use S*B to upload the D*L… =]

would appreciate a nudge mate, cannot sleep

KirkX · December 18, 2019, 8:08pm

@> @mayanknauni said:

Type your comment> @kirkx said:

Don’t need to get worry about AV if you use S*B to upload the D*L… =]

would appreciate a nudge mate, cannot sleep

What is the problem exactly?

mayanknauni · December 18, 2019, 8:09pm

Type your comment> @kirkx said:

@> @mayanknauni said:

Type your comment> @kirkx said:

Don’t need to get worry about AV if you use S*B to upload the D*L… =]

would appreciate a nudge mate, cannot sleep

What is the problem exactly?

PMed you