Hey HTB pplz!
I’m on the markup box, I tried this yesterday and was able to get the user flag but I haven’t been able to get the root flag. I’m not sure privilege escalation is possible when the wevtutil is not running.
The box is showing as a different IP then yesterday but the problem seems persistent.
Any suggestions?
Hi there!
I encountered a similar challenge with the Markup box in HTB. The issue might be with nc64.exe, which isn’t compatible with the HTB lab VM machine. I switched to a different version of NetCat, and it worked perfectly. You can download nc64-32.exe from this link: https://github.com/vinsworldcom/NetCat64/releases/download/1.11.6.4/nc64-32.exe.
Also, regarding wevtutil, it doesn’t run continuously but periodically. To keep an eye on it, you can use the ps command in PowerShell to monitor its activity every second from within the VM lab. This should give you better insights for your privilege escalation attempt.
Hope this helps and best of luck with your HTB challenge!
1 Like
please don’t link directly to binaries, instead link to the distro. No the box itself was broken. but thanks for your 2 cents.
Thanks so much for this reply! I was having a hard time with this box and your tip helped me out. I just had to run the ps command a couple of times before wevtutil finally showed up. On to the last one!