Using CrackMapExec - Skills Assessment

hi there!
stack on DEV01, any hint?

Need help for last flag :checkered_flag:

I can share my notes with you if you have a Google email account.


1 Like

Howdy, can anyone give me a steer on question two Gain access to the SQL01 and submit the contents of the flag located in C:\Users\Public\flag.txt. of the Skills Assessment?

So far, I have found two accounts and two passwords. I feel like I’ve tried everything but still can’t get in.

I’m trying to find a common password for the first question from 3 days, can you give me some hints? I have to try normal pass or some wordlist from seclists?

Hi guys i need a nudge for gaining access to Dev01

Cannot find a way from sql01. Gained system on sql01.

Has anyone found a nudge? I am stuck too. Already bruteforced the ■■■■ out of the users I gained from rid-bruteforcing with all 4 passwords I’ve gained…

Yh spent 5 hrs bruteforcing users.
Crackmapexec rdp erroring out lol

So what was your solution?

I did that through the database…

I still don’t find the necessary computer account, still stuck with the user acquired from drop-sc NTLM theft. Can you send me a hint - been stuck for weeks now…

Anyone have an update/hint for getting the service account after stealing the ntlm hash? Can’t get to dev01

Never mind, got it finished module.

Im stuck in the dev01 part.

How did you get the access to dev01 machine?

Search with (i think) james creds svc account. (that was in my notes)

I got only SQL01$ hash, but it has the same access to dev01 as user james

start enumeration all over from the beginning with James. You will get a service account for dev

Oi, I’ll try it. Ty man

NP, the whole cme module is about getting something new and re-trying everything, in a loop.
Let me know how are you doing

Got the same accounts using James.
Tried to brute force pass for svc_devadm and svc_inlaneadm, but got nothing. I’m bit sleepy, so I think I missed some stuff. If you have any hint left, I’ll appreciate