Forum Discussion

Bronze II

3 months ago

Solved

Advanced CTF Challenge: Hardened Maze

Hi Team, I found file upload options on one port but get information: "For authorized personnel: Upload a critical security patch." I tried with many extension with curl and POST method with -F "e...

challenges

help & support

immersive labs

NIETOM
2 months ago
Try fodhelper again manually.

autom8on

Silver I

3 months ago

You might want to look here... List of Executable File Extensions - Windows - Aerorock ;-)

domel44
Bronze II
3 months ago
Thanks - i got reverse shell to the windows host but cannot find the way to escalate privileges to view token because host is in WORKGROUP not domain member...
- NIETOM
  Bronze II
  3 months ago
  domel44 - Enumerate your user carefully and the groups he belongs to and why he's part of those groups. Remember the box is "hardened".
- Nneka_AN
  Silver I
  3 months ago
  Hi Domel44! How did it go? Any progress?
  - domel44
    Bronze II
    3 months ago
    Hi Nneka_AN - no progress :/
    i try all metasploit reverse shell bypass UAC payloads - don't work
    also try from windows machine run multiple tools fodhelper, eventvwr, sdclt to try bypass UAC but no luck. Read articles about this:
    https://medium.com/@RosanaFS/bypassing-uac-tryhackme-walkthrough-c74818f11bbf
    maybe I'm trying to approach this from the wrong side, i don't know :)

Forum Discussion

Advanced CTF Challenge: Hardened Maze

Featured Places

Help & Support Forum

Related Content

Advanced CTF Challenge: Improbable Maze

Advanced CTF Challenge: Serial Maze

Advanced CTF Challenge: Inner Maze

Windows Hardening: Ep.6 – Pivoting

What is the Human Connection Challenge?

Recent Discussions

Trick or Treat on Specter Street: Manor of Madness

Trick or Treat: Manor of Madness

Trick or Treat on Specter Street: Phantom Pages

Trick or Treat on Specter Street: Ghost of the SOC

Server-Side Request Forgery Q6 & Q7