Tried it once again, it worked. I have no idea how. Used the automated method. R0000t
Hey yo world,
Can anyone pm me why the root part required specific path and didnt work in other directories?
Would really appreciate it!
I’m curious - was anyone able to get a reverse tcp shell back to a meterpreter session on the initial foothold? I tried but am not having any success.
Already found L** vulnerability, not sure if it’s a rabbit hole though.
Finally Rooted ! The User part was pretty interesting . Root is pretty straightforward once you know what to do. Definitely Learned something new.
PM for nudges !
Rooted! Thank you so much to @5ysk3y @halfluke @eviltor13 and @metuldann. Seriously could not have done it without you guys. I learned a ton and had so much fun. @5ysk3y, you saved the day. RESPECT!
Spoiler Removed
Edited: Get root, still dont know why I******t dont work, learn a lot in settings and windows files
Initial: Understand how to set up a service server (xxx.conf) and debug it (log.xxxx)
User: in front of you
Root: read files and guess the flow, google it and try harder
Spoiler Removed
Finally rooted. That was quiet a ride. Super fun but I couldn’t have done without all the comments in this forum.
Foothold: Probably the most interesting part of this box. If you read through all previous comments and rely on native tools, you’ll be fine. Once you’re on the box, see what you can do with your new powers and use common networking tools to get a proper shell.
Priv esc from user 1 to user 2: Built-in Powershell commands are enough. Watch ippsec’s Arkham video if you need help.
Root: Look for that special file everyone keeps talking and read the CEO’s note very carefully. If your payloads aren’t working, a very nice n…… script will do 95% of the work for you.
Got root, nice ride on this Machine.
There are already a lot of useful hints here but I recommend the one in page 12 from @Countably.
If you are struggling to go from user1 to user2 don’t mess too much around scripting. I wasted 2 days on that and finally found a different way.
I’ve managed to get a webshell but struggling to get a reverse shell. Hope i get it soon.
anyone else getting issues with ps remoting.
i just get an error about computer name valid and firewall exception. its driving me mad.
tried 2 different PCs with same issue
Hi, Could someone explain to me why on the initial foothold i*******-s******** doesn’t work but s***** does ?
Hi,Stuck at root. non of scripts works for me,but they work when I test them in my computer,appreciate any help
Finally got a low priv reverse shell and escaped the terrible webshell (The webshell is great! But i always prefer netcat reverse shells!) Overcomplicated things so much, if you’re stuck somewhere on this box, the best thing would probably be step back for a second and look at your enumeration, and try different things.
Got user!
Finally got the box! Thank you MinatoTW and felamos ! Fun box.
I did get the root flag in the end, but no working shell. Any care to DM as to what payload would work to get an actual admin shell? THanks in advance.
Finally got root… i learned a lot of powershell an win on the way. Thanks!
Struggling with getting escalated to second user and getting a shell back. Tried everything i can think of. Running as - invoking - running script to pass creds. I’m out of ideas.
If someone can message me nad give me a hand it’d be much appreciated.
It will no doubt be something small that i’m missing. Cheers