Windows Lateral Movement - Double Hop

Since I haven’t found any other topic and no one was keen to help me out in Discord, I thought of giving it a try here.

In the WinRM Section, I was able to get access to DC01 as the user ‘Helen’ but with ‘Leonvqz’ I was only able to get access to SRV02. If someone can help me out, give it a shout!


Got it. If anyone is using the Pwnbox and is struggling, feel free to DM.


Hi @bsnun,

I have a question for you. I started this module recently, and in the Server Message Block (SMB) section I have a problem with the question “Use any tool to get a shell on SRV02 using the service Application Layer Gateway Service (ALG) and read the flag located at C:\Flags\serviceflag.txt:”

The system shows me an error when I try to use the following sentence: proxychains4 -q impacket-services INLANEFREIGHT/helen:'RedRiot88'@172.20.0.52 start -name 'Service Backdoor'
error: can't locate the file.

Can you help me?

Check what you are trying to accomplish and what your commands are.

Thanks, I solved it.

I am running into the same issue. I tried to set it up exactly like the instructions said, but modifying the ALG service. I did everything correctly but get the file not found issue.

You have to add the registry to SMB anonymous login. Or you can set the file locally. That will also do.

Roger, so I do that in the RDP session?

Yeah, you can do that.

It worked. I used the RDP session to set up ligolo, then used ligolo to get psexec and execute the reg command; from there it all worked.

I am working on this one now. Do you have any suggestions?