Starting Point Machine

Type your comment> @mechag said:

@Inigma THANK YOU THANK YOU! I didn’t even realize that it just had to due with the semantic issue around \ / 's …gawds…

@saj - I’m running Python 3.8.2

I had to download impacket-0.9.21 for my Kali-linux machine, otherwise myssqlclient.py will keep reporting “[-] Missing required parameter ‘digestmod’.”

v0.9.21 just came out in March, and it solves some issues related to SMB connections, but apparently not backslashes vs forward slashes! :grimace: :grimace: :grimace:

Release impacket 0.9.21 · fortra/impacket · GitHub

Same mistake! Thanks for posting

hey i tried but i don’t know what is the password
please help me…also i got an error ie "Login failed for user ‘ARCHETYPE\Guest’ .

Have you tried: ARCHETYPE/guest?

Is the guest account able to login?

it asks for password!..
i don’t know what password is asking : (

@protor said:

it asks for password!..
i don’t know what password is asking : (

Are you 100% sure you are meant (or able) to get access with that account?

i think no, because it doesn’t work as expected

@protor said:

i think no, because it doesn’t work as expected

Possibly a good sign.

Have a look at the write up for the starting point machine and see if it explains it in more detail.

@TazWake

python3.8 psexec.py administrator@10.10.10.27
Impacket v0.9.21 - Copyright 2020 SecureAuth Corporation

Password:
[] Requesting shares on 10.10.10.27…
[] Found writable share ADMIN$
[*] Uploading file IiPAmKEF.exe

/////////////////////////////////////////////////////////////////

and it pauses, don’t execute the others operations

Hello there,

I am also getting the password incorrect error.
they are as follows:

root@kali:~# mssqlclient.py ARCHETYPE\sql_svc@10.10.10.27 -windows-auth
Impacket v0.9.22.dev1+20200929.152157.fe642b24 - Copyright 2020 SecureAuth Corporation

Password:
Traceback (most recent call last):
File “/usr/local/bin/mssqlclient.py”, line 173, in
ms_sql.connect()
File “/usr/local/lib/python3.8/dist-packages/impacket/tds.py”, line 532, in connect
sock.connect(sa)
ConnectionRefusedError: [Errno 111] Connection refused

any help is appreciated lol. I’ve tried both / and \ for the username. and the password i used is the M… one copied and pasted.

really lost here lol.
thanks in advance~

Type your comment> @Igotanheadache said:

@TazWake

python3.8 psexec.py administrator@10.10.10.27
Impacket v0.9.21 - Copyright 2020 SecureAuth Corporation

Password:
[] Requesting shares on 10.10.10.27…
[] Found writable share ADMIN$
[*] Uploading file IiPAmKEF.exe

/////////////////////////////////////////////////////////////////

and it pauses, don’t execute the others operations

did you solve the issue?

I’m running into same issue.
running on kali linux

@JKJLlol said:

Hello there,

I am also getting the password incorrect error.
they are as follows:

root@kali:~# mssqlclient.py ARCHETYPE\sql_svc@10.10.10.27 -windows-auth
Impacket v0.9.22.dev1+20200929.152157.fe642b24 - Copyright 2020 SecureAuth Corporation

Password:
Traceback (most recent call last):
File “/usr/local/bin/mssqlclient.py”, line 173, in
ms_sql.connect()
File “/usr/local/lib/python3.8/dist-packages/impacket/tds.py”, line 532, in connect
sock.connect(sa)
ConnectionRefusedError: [Errno 111] Connection refused

any help is appreciated lol. I’ve tried both / and \ for the username. and the password i used is the M… one copied and pasted.

really lost here lol.
thanks in advance~

Possibly a few things:

• The version of impacket you are using is different to the walkthrough. Its possible something has changed.
• The box might have fallen over.
• The network might have dropped.
• You might need to escape the slashes with /\
  (Starting Point foothold mssqlclient.py - #37 by tonyntas - Machines - Hack The Box :: Forums)

@EpicRmPg said:
did you solve the issue?

I’m running into same issue.
running on kali linux

It’s possibly a python version issue.

Checking the GitHub repo (GitHub - fortra/impacket: Impacket is a collection of Python classes for working with network protocols.) it says:

A Python interpreter. Python 2.6/2.7 and Python 3.6 are known to work.
If you want to run the examples and you have Python < 2.7, you will need to install the argparse package for them to work.

@TazWake said:

@EpicRmPg said:
did you solve the issue?

I’m running into same issue.
running on kali linux

It’s possibly a python version issue.

Checking the GitHub repo (GitHub - fortra/impacket: Impacket is a collection of Python classes for working with network protocols.) it says:

A Python interpreter. Python 2.6/2.7 and Python 3.6 are known to work.
If you want to run the examples and you have Python < 2.7, you will need to install the argparse package for them to work.

I have updated, upgraded, downgraded and reinstalled python, still without any success.

ill try with Pwnbox and see if it works there (if it works then it’s my distribution of kali). if not ill have to give “starting point” a few weeks and get back to it. until then i’ll play with other boxes.

if someone has other solutions please do write.

Type your comment> @EpicRmPg said:

Type your comment> @Igotanheadache said:

@TazWake

python3.8 psexec.py administrator@10.10.10.27
Impacket v0.9.21 - Copyright 2020 SecureAuth Corporation

Password:
[] Requesting shares on 10.10.10.27…
[] Found writable share ADMIN$
[*] Uploading file IiPAmKEF.exe

/////////////////////////////////////////////////////////////////

and it pauses, don’t execute the others operations

did you solve the issue?

I’m running into same issue.
running on kali linux

nope

Type your comment> @Inigma said:

Hi all!

New guy trying to startup in info sec.

Having some troubles just with the starting point tutorial :neutral:
I’ve followed everything up until I try to use mssqlclient.py where it says Login failed for user ‘ARCHETYPE\Guest’ even though I’m connecting as ARCHETYPE\sql_svc@10.10.10.27.
I have the password from the previous step, so that all should be right.

Any ideas?

Hi, Just like @Inigma said “slash issues” i used forward slash “/” if you see --help in mssqlclient.py, it’ll give you the command syntax so i followed it but still it doesn’t worked but one lead i got seeing the syntax i added the password with it and it worked

@usmarine2141 said:
i have the password and it is telling me the password is wrong.

python3 mssqlclient.py ARCHETYPE\sql_svc@10.10.10.27 -windows -auth

with password M3g4c0rp123

get l;ogin failed for user ‘archetype\guest’

Hi, use --help with mssqlclient.py to see its syntax and there you’ll get your answers what you’re missing it’s in there

@zillakami said:
When I run: mssqlclient.py ARCHETYPE/sql_svc@10.10.10.27 -windows-auth
I get:
Traceback (most recent call last):
File “/usr/local/bin/mssqlclient.py”, line 4, in
import(‘pkg_resources’).run_script(‘impacket==0.9.22.dev1+20200327.103853.7e505892’, ‘mssqlclient.py’)
File “/usr/lib/python2.7/dist-packages/pkg_resources/init.py”, line 666, in run_script
self.require(requires)[0].run_script(script_name, ns)
File “/usr/lib/python2.7/dist-packages/pkg_resources/init.py”, line 1462, in run_script
exec(code, namespace, namespace)
File “/usr/local/lib/python2.7/dist-packages/impacket-0.9.22.dev1+20200327.103853.7e505892-py2.7.egg/EGG-INFO/scripts/mssqlclient.py”, line 173, in
ms_sql.connect()
File “/usr/local/lib/python2.7/dist-packages/impacket-0.9.22.dev1+20200327.103853.7e505892-py2.7.egg/impacket/tds.py”, line 532, in connect
sock.connect(sa)
File “/usr/lib/python2.7/socket.py”, line 228, in meth
return getattr(self._sock,name)(*args)
socket.error: [Errno 110] Connection timed out

anyone know what’s wrong?

Hi, use --help with the mssqlclient.py command to see its syntax and what you’re looking for it’s there

@proje3tor said:
it asks for password!..
i don’t know what password is asking : (

the password in the config file you downloaded from the share folder

What do we do if the Starting Point Machine appears to be down?

nmap -p- --min-rate=1000 -T4 10.10.10.27
Starting Nmap 7.91 ( https://nmap.org ) at 2021-02-06 01:02 UTC
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 1.31 seconds

@karabelov said:

What do we do if the Starting Point Machine appears to be down?

nmap -p- --min-rate=1000 -T4 10.10.10.27
Starting Nmap 7.91 ( https://nmap.org ) at 2021-02-06 01:02 UTC
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 1.31 seconds

Well some immediate options include:

• check your VPN is connected
• check to see if the machine needs to be spawned
• check to see if the machine needs to be reset
• raise a jira ticket with HTB to get the problem fixed.