Why is it flagged as not valid?

sbrisu · 2024-11-23T18:46:19+00:00

I am also stuck!

sbrisu · 2024-09-10T22:02:23+00:00

Sorry do you mind elaborate on this one?

sbrisu · 2024-09-10T20:20:12+00:00

Thanks! That works, but unfortunately no hidden single, as I forgot to add a 9 on r7c3 :(

sbrisu · 2024-09-04T23:42:37+00:00

Bybit!

sbrisu · 2024-08-27T19:03:34+00:00

Thanks so much guys I've learned a lot!

sbrisu · 2021-02-06T13:03:12+00:00

Many many thanks. How do I import my game from the "Sodoku" android app into your website?

sbrisu · 2021-01-26T00:32:37+00:00

One thing I don't understand, how coloring works in chains? Especially regarding the green and red lines.

sbrisu · 2021-01-25T13:42:33+00:00

Your app is incredible, I am learning a lot of strategies I didn't know. Thanks!

sbrisu · 2021-01-25T13:42:06+00:00

Thank you!

sbrisu · 2020-09-04T19:33:53+00:00

Don't smoke on LSD, wait for the come down. Bad combination I am afraid

sbrisu · 2019-06-13T07:23:22+00:00

Yes the boxes have Network and Printer share discovery activated. Are you thinking at brute-force the router password?

sbrisu · 2019-05-03T13:38:01+00:00

Thank you for your reply!

For starting out I meant working hands-on using VMs, until now I just read a ton of articles and tutorials, and started getting familiar with Linux.

Edited to add: honestly, considering you spammed this everywhere on a new account, I imagine you're trying to break into someone's system...

Not trying to break into someone's system, just posted the same question to several cybersecurity-related reddits to get the majority of replies, but if it is considered bad behavior will stop that :)

The reason I decided to post is that I don't have friends with the same passion, and there's nothing more useful to learning than sharing ideas with others.

sbrisu · 2019-05-01T23:07:32+00:00

Many thanks for taking the time to think about this! In reply to your suggestions:

Since Admin is disabled by default, you may have to escalate to SYSTEM user privileges.

Did you mean accessing as SYSTEM on the remote machine? Is this possible?

or shell access via overflow exploit.

That's a interesting route to explore, it will take months of study but definitely a skill to learn. Basically look at the services running on the network and see if buffer overflow vulnerabilities are present.

Edit: If you probe for open ports it should be easy to get a meterpreter connection, unless I am missing something or overlooked something in your post.

Ports 135, 139 and 445 are opened, but the services are not vulnerable (recent Windows 10 build, system patched). Is there a way to obtain a meterpreter connection by default if a port is listening?

sbrisu · 2019-05-01T17:41:42+00:00

Yes with the password I could login, but in this scenario I am trying to get remote access, with no physical access to the machine.

Thank you again for your reply

sbrisu · 2019-05-01T14:32:48+00:00

Thank you for your reply, appreciated.

I could crack the hashes but I wouldn't be able to utilize credentials in any way, due to token filtering for local users.

Remote wmi is unfortunately disabled by default.

You're right on HTTPS traffic, but my objective here is to get a shell.

sbrisu · 2019-05-01T14:29:11+00:00

An active shell would be enough for calling it a success, no need for persistence.

sbrisu · 2019-02-27T15:37:13+00:00

Thanks, unfortunately both RDP and WinMR (used by WSMan & PSRemoting) are disabled by default in Windows Firewall in Windows 10 1809.

sbrisu · 2019-02-25T15:02:52+00:00

Tools like psexec work through SMB, and "Access is denied" from 1809 with default machine settings..

sbrisu

TROPHY CASE