I completed this box,
However on the last part where I piv esc’ed on the box via psexec.py
I wasn’t able to get root.txt
Instead I had to type root.txt and get the root text that way.
Can someone explain why I wasn’t able to download root.txt and view it from my attack station?
I also don’t understand why when I psexec’ed in it defaulted to ADMIN$ share. Despite being able to traverse the directory and dir’ing to root.txt I wasn’t able to download it.
hi thebrick
sorry if i use your question for another question, but when you used command psexec.py the system has required a password? 'cause this happen to me and I don’t know how to do.
yes. it needs the password provided when you obtained the command line history of the user. It revealed that someone entered administrator creds with net.exe to enable the share T drive. Look at the walkthrough again.
How do you expect to download root.txt on your machine?