Walking throw Starting Point, Privilege Escalation step
Found following string in Powershell history
net.exe use T: \Archetype\backups /user:administrator MEGACORP_4dm1n!!
Trying to start remote cmd with administrator priveleges
john@kali:~/.local/bin$ ./psexec.py ‘administrator:MEGACORP_4dm1n!!@10.10.10.27’
Impacket v0.9.21 - Copyright 2020 SecureAuth Corporation
[-] SMB SessionError: STATUS_LOGON_FAILURE(The attempted logon is invalid. This is either due to a bad username or authentication information.)
john@kali:~/.local/bin$ ./wmiexec.py ‘administrator:MEGACORP_4dm1n!!@10.10.10.27’
Impacket v0.9.21 - Copyright 2020 SecureAuth Corporation
[-] SMB SessionError: STATUS_LOGON_FAILURE(The attempted logon is invalid. This is either due to a bad username or authentication information.)
Seems to be password incorrect… or I missed something…
Any hints?
P.S. Is it possible that someone changed password?
I’m having the same problem, not sure if its part of the challenge, or if someone changed the password
I think perhaps the password has changed, if you try to psexec with the other user, its clearly not a password issue, unless this is part of the challenge to figure out what the pw changed to
hey guys, if you guys haven’t figure out yet about the second problem you are facing, I am here to tell you that you were entering the wrong user. Try this username: Administrator
password: MEGACORP_4dm1n!!
Hey guys, I am almost all the way through this (first) machine - except the connection to the remote machine from psexec.py is always refused. I installed UFW and set the rule that allowed tcp to all as per the walk through and I have changed the IP to the one that is being reported in ifconfig under tun0 (10.10.14.77 in my case) which is the same one that was in the shell script etc, have battled all the way through this including installing impacket etc and just can not get this working.
ANY help over what I have obviously done wrong would be GREATLY APPRECIATED.
Try this: psexec.py administrator:MEGACORP_4dm1n\!\!@<tareget_IP>
I found that the ‘!’ is a special character that need to be escaped. Thus, I add a backslash for each one. And finally, it worked!