error messages i get from ********++ are completely messed up, like there’s some memory corruption going on. web interface dosen’t reply at all, just disconnects after a moment. i’m on VIP and by the looks of it the only one working on this box rn, so i feel like brute forcers or repeated resets can’t really be the issue here
EDIT: oh my godddddddddd i finally figured it out. the port number should be a giveaway and tell you how that port is different. not good enough? nmap it
C:\Users\Administrator>whoami
whoami
nt authority\system
C:\Users\Administrator>hostname
hostname
ServMon
Fun easy box,
Read the exploit you will find online for an idea on how it is exploited, then read the docs. I did manage to view the webui but it was slow as f so ended up using the API instead.
You do not have to reset, refresh or reload this box or any part of it. Priv esc can be done consistently with 2 curl commands from kali.
Sounds like some people could do with watching this:
Frustrating box for no reason, not much to learn here, I stayed more for the need to complete it.
Please do not reset the box it’s just frustrating for all.
For user many hints already shared.
For root, the exploit that you will find is poorly documented, read a bit on the .ini file to understand the structure.
One generic command and not essentially a hint but rather common knowledge:
ssh -l user IP -L 1234:127.0.0.1:8443
And connect from your local browser to port 1234 on your system.
Do not use localhost instead of 127.0.0.1, use the IP. localhost might be resolving locally on the ipv6 interface which in many cases comes into priority. By all means it does not ensure that a service is listening also to the IPV6 interface.
Stuck on User - I have creds from the P********.t** file, but I’ve tried them against all the services that make sense to me. I feel like I’m being super dense about this - any hints? perhaps I’ve not got the right username? (Been using both N* users)
Stuck on User - I have creds from the P********.t** file, but I’ve tried them against all the services that make sense to me. I feel like I’m being super dense about this - any hints? perhaps I’ve not got the right username? (Been using both N* users)
I think you’ve overlooked a service. Try not to focus on common Windows services here.
Stuck on User - I have creds from the P********.t** file, but I’ve tried them against all the services that make sense to me. I feel like I’m being super dense about this - any hints? perhaps I’ve not got the right username? (Been using both N* users)
I think you’ve overlooked a service. Try not to focus on common Windows services here.
Rooted, but it was a lot tougher than it should have been due to instability but still learnt from it and there are multiple ways to exploit and shall come back to it later to try other methods.
Thanks to @GibParadox and @c0ckr04ch for confirming that I wasn’t losing my mind when encountering instability.