got i–r, got C—s, got the user flag and a stable shell.
I read the documents left by my CEO, but no clue on how to get further to root…
help pls
Type your comment> @sniperhack said:
got i–r, got C—s, got the user flag and a stable shell.
I read the documents left by my CEO, but no clue on how to get further to root…help pls
Look through Chris’s files/directories, there may be a certain ‘old file’ present there as people have been referring to in the comments. See if/how you can exploit that type of file.
i’m on root i can do it on my win box but it doesnt seem to work on sniper box can someone dm me?
I keep getting Connection Reset Errors if someone can help me figure out why this is that’d be appreciated.
Got root. Very nice box, taught a lot
This was a long journey for me but very enlightening!
The last step almost drove me crazy, but the clues finally led me to the right path and I felt very happy and almost surprised when the admin shell popped up!
Thanks @MinatoTW & @felamos for a very nice box, this is my favorite so far!
Hoping for a sequel, maybe the CEO makes up more crazy ideas 
c:\Users\Administrator\Desktop>whoami
whoami
sniper\administrator
Most fun Windows box so far.
I’m using the correct tool for foothold as far as I know, but I can’t get it to work. I get a connection that immediately closes. could someone help me?
Type your comment> @Endoisshy said:
I’m using the correct tool for foothold as far as I know, but I can’t get it to work. I get a connection that immediately closes. could someone help me?
I had to set the tools aside and do a lot manually for this one so far. FINALLY got user.txt a few minutes ago. PM me for nudges 
any hints on reverse shell appriciated, PM please
I am able to get a connection for the intitial foothold, but the connection closes immediately. Any tips?
Hi everyone, i’d really appreciate some tip on escalating from i*** to c****
got creds to db and from db but those don’t seem to work anywhere. Already tried most of the techniques for privesc on win but nothing. There is also this “tip” from the file with db creds about user access on localhost but this doesn’t seem to work either…
I’m stuck with this one so if someone has some better tip than those that are already on the forum i would be thankful.
Any help appreciated. PM me
Possibly the most fun windows box and I learned about a new tool. Lots of googling was involved though.
It was a steep powershell learning curve though.
@michiPwn said:
Hi everyone, i’d really appreciate some tip on escalating from i*** to c****
got creds to db and from db but those don’t seem to work anywhere. Already tried most of the techniques for privesc on win but nothing. There is also this “tip” from the file with db creds about user access on localhost but this doesn’t seem to work either…
Its difficult to hint this. You want to check for credential reuse but you cant do it in an easy manner.
Think about Windows’ built in admin tools and how you can use that to create an object which allows you to invoke commands as someone else.
Finally rooted! Thanks @TazWake for the nudge on root. I was about to rage quit but I am glad I stuck it out. What a great box! I learned so much.
Rooted! what a journey… Really cool box.
inital: you can go further than you can
user: the information needed is provided to you
root: ■■■■■■ ■■■■ - think about the given scenario
I have the user flag.
I am having issues trying to get root.
I have tried a lot of different things in regards to the old file.
Can anyone provide any assistance?
Totally stuck on the way i could use creds, I tried this ps commands without luck
In****-Com****
St***-Pro****
Finally rooted, had a lot of fun.
User: Look at what you can do once you find your vectors, hints in the forum would be enough.
Root: What you found it a hint, read the boss gives a hint, and google would help you to understand how to use that vector.
Messages for hints if needed.
Great machine!
Can i please get a hand to go from From user i*** to c****
I have some creds for the DB and from the DB for s******** but i can not find a combination that works to elevate within PS i’m pretty sure i know the syntax but no creds work.
Thanks
Edit:
Nevermind i see where i went wrong