Sizzle

@backspace said:
Found user + creds and other authentication things… looking for a good place to use them :slight_smile:

Stuck in this exact spot. Credentials without any apparent use.

Edit: Figured that part out, at least.

should I be trying to get lucky here?

Is this intentional? portscan doesnt work. Without any scan not doing anything susp., half of the HTTP requests times out. Is it because of the LAB or firewall stuff?
Restarted everything. Without doing any suspicious, just trying to browse the webpage> 10/2 attempt connects.

I had the same issue but adjusting my scan parameters helped.

I believe I missed some key stuff with my usual scans set to defaults.

@LegendarySpork said:
I had the same issue but adjusting my scan parameters helped.

yeah. Have to be polite…

Rooted. This is an amazing box, IMO.

It’s hard, but fair; no trolls or find-the-hidden-file CTF shenanigans. It feels very similar to Endgame as far as difficulty and Windows know-how goes.

The process to gain user was AWESOME!! :slight_smile:

I really had some fun.

Moving to root now. \o/

Edit:

Rooted! ^^

This box is so buggy. i’ve been uploading the file and running responder for 40 mins now. In wireshark I can see the handshake start and then the box sends a RST packet. Do these boxes get tested

@meni0n said:
This box is so buggy. i’ve been uploading the file and running responder for 40 mins now. In wireshark I can see the handshake start and then the box sends a RST packet. Do these boxes get tested

I don’t have a solution for this, sadly, but I’ve been hearing this from a lot of people. I’m seemingly one of the lucky ones who it worked for. :confused:

For me it literally took one second… was it just luck?!

It was on the first time for me also… lol.

Maybe is the method. xD

Idk

@23Y4D said:
For me it literally took one second… was it just luck?!

Yes. It did not work for me. I tried several times. Later a friend told me he did that. grrr So retried and worked. :frowning:

work to me, after 98947975,5 attempts. :stuck_out_tongue:

@opt1kz said:

@meni0n said:
This box is so buggy. i’ve been uploading the file and running responder for 40 mins now. In wireshark I can see the handshake start and then the box sends a RST packet. Do these boxes get tested

I don’t have a solution for this, sadly, but I’ve been hearing this from a lot of people. I’m seemingly one of the lucky ones who it worked for. :confused:

The solution is to watch the command line arguments you give. If you look closely to the packet capture you can see that before the box sends the RST packet the process on your machine sends a FIN packet (and RST is only the answer to this from box side). It is probably not a good idea to use a command line switch for XP, 2003 and earlier on a 2016 box.

@meni0n said:
This box is so buggy. i’ve been uploading the file and running responder for 40 mins now. In wireshark I can see the handshake start and then the box sends a RST packet. Do these boxes get tested

I was getting that. It worked once I used another version of the responder. The problem may be at your side, not the machine’s.

@jkr said:

@opt1kz said:

@meni0n said:
This box is so buggy. i’ve been uploading the file and running responder for 40 mins now. In wireshark I can see the handshake start and then the box sends a RST packet. Do these boxes get tested

I don’t have a solution for this, sadly, but I’ve been hearing this from a lot of people. I’m seemingly one of the lucky ones who it worked for. :confused:

The solution is to watch the command line arguments you give. If you look closely to the packet capture you can see that before the box sends the RST packet the process on your machine sends a FIN packet (and RST is only the answer to this from box side). It is probably not a good idea to use a command line switch for XP, 2003 and earlier on a 2016 box.

Now that you mention that, I didn’t use any extra switches at all (they didn’t seem necessary) and it worked just fine for me, so I haven’t had the need or opportunity to dig into packet captures. So… This is probably happening to people who are copying and pasting from a certain article.

Worked great for me, but then I worked off my notes from a previous box not an article. Heh.

@LegendarySpork said:
Worked great for me, but then I worked off my notes from a previous box not an article. Heh.

Yeah, same. There’s an article you can find about the initial stage, though, that throws a bunch of extra flags into the mix and those are causing the issue for people who are just copying and pasting, it seems.

So for anyone having the Responder issue: Use the latest version and change your flags.

Reading the man page will help too (sorry, couldn’t resist)

Besides that: You have different options to refer a UN* in a S*F approach!

And indeed yeah… I remembered another box too! xD